Recently, Microsoft informed users about a threatening zero-day vulnerability in Windows 10 and Windows Server versions named Microsoft MSHTML Remote Code Execution Vulnerability. The threat has affected two essential Microsoft components, Internet Explorer and MS Office. Cybercriminals can exploit this vulnerability and take control of the PC through infected websites and malicious Office documents.
Let us know in detail what this vulnerability is and how to fix it to stop hackers from attacking Windows 10 devices.
To fix various Windows 10/11 problems, we recommend Outbyte PC Repair:
This software will repair common computer errors, protect you from file loss, malware damage, hardware failure, and optimise your computer for peak performance. In three simple steps, you can resolve PC issues and remove virus damage:
- Download Outbyte PC Repair Software
- Click Start Scan to detect Windows 10/11 issues that may be causing PC issues.
- Click Repair All to fix issues with your computer's security and performance.
This month, Outbyte has been downloaded by 23,167 readers.
What is Microsoft MSHTML Remote Code Execution Vulnerability?
The issue was first reported with the MSHTML part of the Internet Explorer. The same component is also used by Microsoft Office to render the web-based elements within office documents which makes the MS Office vulnerable too.
As soon as this zero-day vulnerability codenamed CVE-2021-40444 was detected, Microsoft released a statement “An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
The exploit uses the MS Office files containing malicious ActiveX controls that could grant a threat actor access by simply downloading a file. When the file is opened, it automatically launches a page on the Internet
Before releasing the update to fix the issue, Microsoft also offered a quick workaround to mitigate the threat. They suggested disabling the installation of all Active X controls in Internet Explorer. It is not the first time that the Active X controls cause security trouble in Windows 10.
So, what are Active X controls?
Like we have web extensions and plug-ins for Chrome browser, the Active X controls are the Internet Explorer’s version of plug-ins. These pieces of programs have access to your whole system, and if you use Internet Explorer, the websites might prompt you to install them. These Internet Explorer add-ons are historically exploited by cybercriminals to attack and infect Windows-based systems. They can be used to perform many illicit activities in the background without any knowledge to the user, like monitoring your browsing data, install malware, generate pop-ups, log your keystrokes and passwords, and do other malicious things.
The Active X controls are not just limited to Internet Explorer. They also function in other Microsoft applications like MS Office.
How to fix the vulnerability?
Fortunately, there are multiple solutions to fix the issue. However, the best and the most obvious is to update your Windows 10 system with the latest released security patch. As a part of Microsoft’s patch Tuesday update, there are a total of 66 patches released, including the fix to Microsoft MSHTML Remote Code Execution Vulnerability.
Fix vulnerabilities through Windows Update
Here is how you can install the latest update patch:
- Open Windows settings and switch to Update & Security.
- Click on Check for Updates.
- Download and install the updates.
Disable Active X controls in Internet Explorer
Before releasing the update patch to fix it, Microsoft suggested a quick way to stop hackers from taking advantage of such vulnerabilities is by disabling the Active X controls installation. The problem with this method is that it is not direct. You cannot just disable the Active X controls from Windows settings of Internet Explorer settings. To do that, you need to make changes in a few registry settings, which is a pretty risky thing to do. Anything wrong can lead to reinstallation of the whole operating system.
To disable Active X controls by editing registries, follow these steps:
- Open a new notepad document and copy, paste the following into it:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
“1001”=dword:00000003
“1004”=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
“1001”=dword:00000003
“1004”=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
“1001”=dword:00000003
“1004”=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
“1001”=dword:00000003
“1004”=dword:00000003
Save the file with the ‘.reg’ extension with any name.
Double click on the saved .reg file to execute the registry modification.
Restart the system to apply the new settings successfully.
Though most Windows OS users are always reluctant to download and install the new updates, it is highly recommended not to ignore September 2021 Patch Tuesday update. Instead of using the registry hack, which is risky, updating is a better option with low risk. Also, since Microsoft has discontinued the support of Internet Explorer, it is better to switch to other available options like Chrome, Edge, or others.
Peter is an Electrical Engineer whose primary interest is tinkering with his computer. He is passionate about Windows 10 Platform and enjoys writing tips and tutorials about it.
Can I uninstall Internet Explorer without creating other issues? I never use it
Yes, you can do that without any risk. For that follow this post: https://www.windowschimp.com/remove-built-in-apps-windows-10-powershell/