Microsoft MSHTML (CVE 2021 40444) Exploit with Metasploit for Remote Code Execution

About this tutorial:

Video duration: 00:04:22
Exploiting MSHTML (CVE 2021 40444) with Metasploit to achieve Remote Code Execution

In this session, we focused on exploiting the recent Microsoft MSHTML vulnerability using Metasploit.

MSHTML is Microsoft’s proprietary browser engine for Internet Explorer. Attackers can attach malicious ActiveX controls in Microsoft Office word doc. Victims only need to open the malicious documents for adversaries to get inside the network.

The attack depends on MSHTML loading a specially crafted ActiveX control when the victim opens a malicious Office document. The loaded ActiveX control can then…

Post Author:

Apple lover, ICT and LEAN consultant, MS Office lecturer My other website with video tutorials - Tutorials, guides and news for iPhones and iPads