
MSHTML


Vulnerability description

The Microsoft Security Response Center (MSRC) has published advisory CVE-2021-40444 for a serious vulnerability in the Windows operating system.
The flaw is in MSHTML, the core rendering engine of Internet Explorer, which Microsoft Office also uses to render browser content embedded in documents. An attacker embeds a malicious ActiveX control in an Office document (Word, Excel or PowerPoint) and sends it by phishing e-mail; when the user opens the document, the control is loaded, the vulnerability is exploited to run the attacker's code with the privileges of that user, the attacker takes control of the computer, and the compromised host is then used for lateral movement into the rest of the network.

CVE ID

CVE-2021-40444

Possible risk

Attacks exploiting this vulnerability are mostly delivered by phishing e-mail that tricks the user into opening a malicious Office document. Once an unpatched computer opens the document, the attacker gains control of it with the rights of the user who opened the file; accounts configured with fewer rights are less exposed. Microsoft notes that documents downloaded from the internet open in Protected View or Application Guard for Office, both of which prevent the observed attack, so users should not click "Enable Editing" on a file they did not expect.

Affected platforms

Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core installation)

Remediation

Microsoft has released a security update for this vulnerability. Agencies should contact their maintenance vendor or follow the guidance at the address below to install it:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

Mitigation

If the update cannot be installed, follow Microsoft's guidance (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444) and disable all ActiveX controls in Internet Explorer to block this attack. Either of the first two methods below applies the same setting (ActiveX download disabled in every security zone) and requires a reboot to take effect; the third stops Windows Explorer from rendering Office documents in its preview pane, which is a second path by which a malicious document can be opened without the user double-clicking it.
1. Disable ActiveX controls through Group Policy
2. Disable ActiveX controls through a registry key
3. Disable the Windows Explorer preview feature
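The following PowerShell script is an added example, not part of the original advisory or of Microsoft's published files. It applies the registry form of the ActiveX workaround (items 2 and 3 above) on a single host and verifies the result. The registry path, the URLACTION values 1001 and 1004, and the value 3 (Disable) are the ones Microsoft's workaround specifies; the function names are this example's own, and the preview-handler key and the list of document extensions are taken from the same workaround but should be checked against the MSRC page before use, since Microsoft may have revised them. Run from an elevated prompt and reboot afterwards.

```powershell
# Added example (not from the original advisory): apply and verify the
# CVE-2021-40444 interim workarounds on one host. Function names are assumed.
#Requires -RunAsAdministrator

# Policy location that IE honours for per-zone URL actions; zones 0 (Local Machine)
# through 3 (Internet) are covered, as in Microsoft's workaround.
$ZonesPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
# 1001 = "Download signed ActiveX controls", 1004 = "Download unsigned ActiveX controls".
$UrlActions  = @('1001', '1004')
$ZoneIds     = 0..3
$Disabled    = 3

function Disable-ActiveXDownload {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    foreach ($zone in $ZoneIds) {
        $key = Join-Path $ZonesPolicy $zone
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        foreach ($action in $UrlActions) {
            if ($PSCmdlet.ShouldProcess("$key\$action", "Set to $Disabled (Disable)")) {
                New-ItemProperty -Path $key -Name $action -Value $Disabled `
                    -PropertyType DWord -Force | Out-Null
            }
        }
    }
}

function Test-ActiveXDownloadDisabled {
    # $true only when every zone/action pair exists and is set to 3; a single
    # missing or non-3 value means the workaround is incomplete.
    foreach ($zone in $ZoneIds) {
        $key = Join-Path $ZonesPolicy $zone
        foreach ($action in $UrlActions) {
            $v = Get-ItemProperty -Path $key -Name $action -ErrorAction SilentlyContinue
            if ($null -eq $v -or $v.$action -ne $Disabled) { return $false }
        }
    }
    return $true
}

# Shell extension category for IPreviewHandler. Deleting it under a file type stops
# Explorer's preview pane from rendering that type. The key is exported first so it
# can be restored with "reg import" once the host is patched.
$PreviewHandlerCategory = '{8895b1c6-b41f-4c1c-a562-0d564250836f}'
$DocumentExtensions     = @('.doc', '.docx', '.rtf')   # assumed list; verify against MSRC

function Disable-ExplorerDocumentPreview {
    [CmdletBinding(SupportsShouldProcess)]
    param([string]$BackupDir = "$env:ProgramData\CVE-2021-40444-backup")
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $removed = @()
    foreach ($ext in $DocumentExtensions) {
        $hkcrPath = "HKEY_CLASSES_ROOT\$ext\ShellEx\$PreviewHandlerCategory"
        $key      = "Registry::$hkcrPath"
        if (-not (Test-Path $key)) { continue }   # type has no direct preview handler key
        if ($PSCmdlet.ShouldProcess($key, 'Export then delete preview handler key')) {
            $backup = Join-Path $BackupDir ($ext.TrimStart('.') + '.reg')
            & reg.exe export $hkcrPath $backup /y | Out-Null
            Remove-Item -Path $key -Recurse -Force
            $removed += $hkcrPath
        }
    }
    return $removed
}

# Usage: dry-run, apply, then verify. Reboot for the zone policy to take effect.
Disable-ActiveXDownload -WhatIf
Disable-ActiveXDownload
Disable-ExplorerDocumentPreview | ForEach-Object { "Removed preview handler: $_" }
"ActiveX download disabled in zones 0-3: $(Test-ActiveXDownloadDisabled)"
```

Test-ActiveXDownloadDisabled is the check to keep: run it after the reboot and again after the real update is installed, and reverse both workarounds (delete the policy values, import the exported .reg files) once the patch is confirmed, so that legitimate intranet applications that depend on ActiveX or document preview are not left broken.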


2022/10/13 02:18:47 PM