Web: https://www.cisecurity.org/advisory/a-vulnerability-in-microsoft-mshtml-could-allow-for-remote-code-execution_2021-108

Jan. 7, 2022, 10:44 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center cisecurity.org

A vulnerability has been discovered in Microsoft MSHTML, which could allow for remote code execution. MSHTML (also known as Trident) is the engine used for Internet Explorer. It is also used by Microsoft Office applications for rendering web based content. Successful exploitation of this vulnerability could result in remote code execution in the context of the affected user. Depending on the privileges associated with the user, an attacker could view, change, or delete data.

code code execution microsoft mshtml remote remote code execution vulnerability

More from cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Security Engineer

@ KAYAK | Berlin

Staff Reverse Engineer

@ Dragos, Inc. | Remote - USA

Cybersecurity Engineer

@ Sigma Defense | San Diego, California, United States

Sr Staff Engineer/Principal Engineer(Security Researcher, Security Efficacy)

@ Netskope | Bengaluru, Karnataka, India

Information Security Manager - Zurich, CH

@ Scandit | Zurich

Senior Developer C/Go (Acronis Cyber Infrastructure)

@ Acronis | Belgrade, Stari Grad, Serbia