13th September 2021 – (Hong Kong) Microsoft Windows said that serious vulnerabilities have been discovered in multiple versions of Windows operating systems recently and many softwares have been widely compromised by hackers. The HHong Kong Computer Emergency Response Team Coordination Centre (HKCERT) today (13th) urged local users to beware of related vulnerabilities. Users are advised not to open any unknown or suspicious Office files, and keep Microsoft Defender Antivirus and Microsoft Defender for Endpoint updated. According to the information on the official website of the Coordination Centre, the security bulletin on the vulnerability of remote code execution in Microsoft Windows was issued on 8th September. The CVE-2021-40444 vulnerability is being widely exploited and no rectification is currently available.
So far, Microsoft has not provided a security update to fix the vulnerability, but it has launched a temporary solution. It is recommended that users seek the assistance of IT technicians and pay close attention to the development of related attacks and security updates. According to Microsoft, the vulnerability exploits a specially crafted Office document to attack users. Once the relevant document file is opened, the hacker can remotely execute malicious code to the target system. The company claims that its Microsoft Defender Antivirus and Microsoft Defender for Endpoint can detect the vulnerability and provide related protection for the system.