{"uuid": "7f4b661a-8a0f-47db-abfc-b0735ede87cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40444", "type": "exploited", "source": "https://t.me/St0rM66/450", "content": "\u0627\u064a\u0645\u064a\u0644 \u0635\u063a\u064a\u0631 \u0628\u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0645\u0644\u0641 Word \u0645\u0645\u0643\u0646 \u064a\u062a\u0628\u0639\u062a \u0644\u0627\u064a \u0634\u062e\u0635, \u0648\u0628\u0645\u062c\u0631\u062f \u062a\u0646\u0632\u064a\u0644 \u0648\u0641\u062a\u062d \u0645\u0644\u0641 \u0627\u0644\u0640 Word, \u0627\u0644\u0637\u0631\u0641 \u0627\u0644\u0627\u062e\u0631 \u0628\u064a\u0627\u062e\u062f Access \u0643\u0627\u0645\u0644 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632\u0643, \u0628\u062f\u0648\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u0627 \u064a\u0639\u0631\u0641 \u0628\u0625\u0633\u0645 \u0627\u0644\u0640 Macros.\n\n\u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0645\u0639\u0631\u0648\u0641\u0629 \u0628\u0625\u0633\u0645 CVE-2021-40444.\n\n\u0627\u0644\u0640 Attack \u0628\u064a\u062d\u0635\u0644 \u0643\u0627\u0644\u0623\u062a\u064a:-\n\n- \u0645\u0644\u0641 Word \u0628\u064a\u062a\u0628\u0639\u062a \u0641\u064a \u0627\u064a\u0645\u064a\u0644.\n- \u0627\u0644\u0645\u0644\u0641 \u0628\u064a\u062a\u0645 \u062a\u0646\u0632\u064a\u0644\u0647 \u0648\u062a\u0634\u063a\u064a\u0644\u0647 \u0648\u0628\u0633\u0628\u0628 \u0627\u0646\u0647\u0627 \u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0641\u0627 \u0628\u062a\u0643\u0648\u0646 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641\u0629 \u0644\u0644\u0640 Antivirus.\n- \u0645\u0644\u0641 \u0627\u0644\u0640 Word \u0628\u064a\u0646\u0632\u0644 \u0645\u0644\u0641 \u0627\u062e\u0631 \u0628\u064a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u0643\u0648\u062f Javascript.\n- \u0643\u0648\u062f \u0627\u0644\u0640 Javascript \u0628\u064a\u0646\u0632\u0644 \u0645\u0644\u0641 \u0627\u062e\u0631 \u0628\u064a\u062d\u062a\u0648\u0649 \u0639\u0644\u0649 DLL File.\n- \u0627\u0644\u0640 DLL File \u0628\u062f\u0648\u0631\u0647 \u0628\u064a\u0641\u062a\u062d \u0627\u062a\u0635\u0627\u0644 \u0645\u0639 \u0627\u0644\u0640 Attacker \u0645\u0646 \u062e\u0644\u0627\u0644 \u062a\u0648\u0644 \u0627\u0633\u0645\u0647\u0627 Cobalt Strike.\n\n\u062d\u0627\u0644\u064a\u0627 \u0634\u0631\u0643\u0629 \u0645\u064a\u0643\u0631\u0648\u0633\u0648\u0641\u062a \u0646\u0632\u0644\u062a \u0628\u0627\u062a\u0634 \u0644\u0644\u062b\u063a\u0631\u0629 \u062f\u064a.\n\nhttps://www.microsoft.com/security/blog/2021/09/15/analyzing-attacks-that-exploit-the-mshtml-cve-2021-40444-vulnerability/", "creation_timestamp": "2021-09-19T15:46:26.000000Z"}