Enterprise customers who manage updates should opt for detection build 1.349.22.0 or newer and deploy it across their environments.
Microsoft Defender for Endpoint alerts will be displayed as: Suspicious Cpl File Execution.
EXPMONsaidin a tweet that they detected a highly sophisticated zero-day attack targeted at Microsoft Office users.
The exploit uses logical flaws so the exploitation is perfectly reliable (& dangerous), the company tweeted.
Previously-installed ActiveX controls will continue to run, but do not expose this vulnerability, the advisory said.
Double-tap the .reg file to apply it to your Policy hive.
Reboot the system to ensure the new configuration is applied.
New ActiveX controls will not be installed and previously installed ActiveX controls will continue to run.
source: www.techworm.net
