Research at TiSEM

Get inspired by Economics and Business

Check out the research special of New Scientist magazine

Serious vulnerability in Microsoft Office

Published: 10th September 2021 Last updated: 10th September 2021

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office files. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document. The attacker would then have to convince you to open the malicious document.

LIS has taken some measures to mitigate these attacks. LIS can only take these measures on workstations it manages. For other workstations, including your private computer, you have to help us keep us all safe.  
 

  • LIS has improved the detection mechanismes on managed workstations.
  • LIS has disabled the activation of new ActiveX controls on managed workstations.  

 
We ask you to take some measures too.
 

  • Don't open attachments without carefully checking that you know the sender AND that the type of document you received is something they would send you. If in doubt, always verify by the sender immediatly. Preferably in another way than a reply to the email received.
  • Make sure your anti-virus software is running and up-to-date.
  • Disable new ActiveX controls on your computer, if LIS has not already done so. If you do not know how, contact the IT Support (013 466 2222).

More information:  Microsoft MSHTML Remote Code Execution Vulnerability


If you are afraid you have already been infected, turn off your computer and inform Tilburg University CERT (cert@uvt.nl, 013 466 3095).