KLA12277
RCE vulnerability in Microsoft Windows

A remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code.

The following public exploits exists for this vulnerability:

https://github.com/ozergoker/CVE-2021-40444

https://github.com/DarkSprings/CVE-2021-40444

https://github.com/rfcxv/CVE-2021-40444-POC

https://github.com/bambooqj/CVE-2021-40444_EXP_JS

https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis

https://github.com/vysecurity/CVE-2021-40444

https://github.com/Udyz/CVE-2021-40444-Sample

https://github.com/zaneGittins/CVE-2021-40444-evtx

https://github.com/lockedbyte/CVE-2021-40444

https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate

https://github.com/KnoooW/CVE-2021-40444-docx-Generate

https://github.com/nightrelax/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx

https://github.com/amartinsec/MSHTMHell

https://github.com/mansk1es/Caboom

https://github.com/jamesrep/cve-2021-40444

https://github.com/aslitsecurity/CVE-2021-40444_builders

https://github.com/khoaduynu/CVE-2021-40444

https://github.com/js-on/CVE-2021-40444

https://github.com/k8gege/CVE-2021-40444

https://github.com/vanhohen/MSHTML-CVE-2021-40444

https://github.com/klezVirus/CVE-2021-40444

https://github.com/Udyz/CVE-2021-40444-CAB

https://github.com/gh0stxplt/CVE-2021-40444-URL-Extractor

https://github.com/Edubr2020/CVE-2021-40444—CABless

https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives

https://github.com/LazarusReborn/Docx-Exploit-2021

https://github.com/H0j3n/CVE-2021-40444

https://github.com/factionsypho/TIC4301_Project

https://github.com/TiagoSergio/CVE-2021-40444

https://github.com/0xK4gura/CVE-2021-40444-POC

https://github.com/Zeop-CyberSec/word_mshtml

https://github.com/Jeromeyoung/MSHTMHell

https://github.com/metehangenel/MSHTML-CVE-2021-40444

https://github.com/Alexcot25051999/CVE-2021-40444

https://github.com/lisinan988/CVE-2021-40444-exp

https://github.com/W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server, version 2004 (Server Core installation)
Windows Server 2016 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2016
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows 10 for x64-based Systems
Windows Server 2012 R2
Windows Server 2012
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows Server 2019
Windows 10 Version 1607 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2019 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 10 Version 21H1 for ARM64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 for 32-bit Systems
Windows 10 Version 20H2 for 32-bit Systems

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)