This week, Microsoft warned that hackers are actively exploiting a vulnerability in its Windows program, urging customers to take steps to strengthen security.
“Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows,” the company wrote in security alert issued Tuesday. “Microsoft is aware of the specific attacks that attempt to exploit this vulnerability through specially designed Microsoft Office documents.”
Microsoft warned that an attacker could target victims through Microsoft Office documents, with users tricked into opening a malicious document, which opens a page in Internet Explorer that downloads malicious software to the system.
While the company noted that it was investigating the vulnerability, it urged users to keep their antivirus software up to date and that both Microsoft Defender Antivirus and Microsoft Defender for Endpoint worked to detect the vulnerability. He also wrote that disabling the installation ActiveX software framework in Internet Explorer “would mitigate the attack.”
“Once this investigation is completed, Microsoft will take appropriate steps to help protect our customers,” the company wrote. “This may include providing a security update through our monthly release process or providing an off-cycle security update, depending on customer needs.”
The U.S. Cyber Security and Infrastructure Agency (CISA) U.S. Emergency Preparedness Team (US-CERT) on Tuesday sounded the alarm about vulnerabilities, piulant that CISA “encourages users and organizations to review Microsoft’s mitigations and workarounds to fix” the vulnerability.
The vulnerability is the last security concern that Microsoft has faced in recent months.
A report published last month found that 38 million records from dozens of organizations were exposed online earlier this year due to misconfiguration in a Microsoft product.
In addition, Microsoft announced earlier this year that a group of Chinese hackers known as “Hafnium” were exploiting security flaws in their Exchange Server email application. The vulnerabilities formally exposed tens of thousands of companies to cybercrime and the Biden administration formally attributed the non-compliance of Chinese government-affiliated hackers in July.