A fresh alert from CERT-In has been released for a number of Microsoft products. The government agency has discovered a fresh vulnerability in Windows HTML and Microsoft Office. The research states that this flaw could allow remote attackers to compromise the device’s data and security by executing arbitrary code on the targeted system.
CERT-IN is a nodal organization under the Ministry of Electronics and Information Technology, for those who are not familiar. Threats to cybersecurity including phishing and hacking are addressed.
What the government has stated
A fresh vulnerability has been discovered in Windows HTML and Microsoft Office, according to CERT-In. If a hacker or attacker is successful in exploiting them, they are then able to remotely execute arbitrary code on the targeted system.
affected applications
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office 2019 for 64-bit editions
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Microsoft Office 2019 for 32-bit editions
Windows Server 2012 R2 (Server Core installation)
Why these weaknesses exist
According to the research, this vulnerability occurs in Microsoft Office and Windows HTML because cross-protocol file navigation is handled with poor user input validation. This flaw could be used by an attacker by convincing a victim to open a specially created file.
What users can do
Users who utilize Microsoft Defender for Office are protected against attachments that attempt to exploit this vulnerability, according to CERT-In.
In current attack chains, using the Attack Surface Reduction Rule ‘Block all Office apps from establishing child processes’ will prevent the vulnerability from being exploited.
Organizations that are unable to take advantage of these safeguards can add the following program names to this registry key as values of type REG_DWORD with data 1.:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION
- Microsoft Excel.exe
- Graph.exe
- MSAccess.exe is the third executable.
- MSPub.exe
- Microsoft PowerPoint.exe
- Visio.exe
- WinProject.exe
- WinWord.exe (Windows Word)
Check out TechOnTips.com for the most recent news, tech news, breaking news headlines, and live updates.