MSHTML – MrHacker

Attackers bypass Microsoft security patch to drop Formbook malware

The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings over how attackers used a novel exploit to bypass a patch for a crucial vulnerability impacting the Microsoft Office file format. Researchers revealed that the […]

Sep 29, 2021

Hackers hit Russian ministry, rocket center using MSHTML vulnerability

Microsoft Office zero-day also dubbed MSHTML attack exploited to target Russian government including Interior ministry and State Rocket Center. Malwarebytes Intelligence team reports that the MSHTML vulnerability classified as CVE-2021-40444 has become the focus of threat actors targeting Russian government entities. Malwarebytes researchers intercepted phishing email attachments revealing that attackers were trying to target Russian organizations. The […]

root