On September 7, 2021, Microsoft released a Security Vulnerability report of a remote code execution vulnerability (known as CVE-2021-40444 ) in MSHTML that affects Microsoft Windows.
CVE-2021-4044 affects the "MSHTML" component of Internet Explorer (IE) on Windows 10 and other Windows Server versions. IE has decreased in popularity, but the browser is still a component of operating systems like Microsoft Office.
ESET is investigating reports of a remote code execution vulnerability CVE-2021-40444 and is adding detections for known samples exploiting the vulnerability.
We recommend the following mitigation for protection: