Microsoft has said that hackers are attacking Windows using harmful Office files. Hackers are trying to hack by taking advantage of the problem in the code CVE-2021-404444.
This problem seems to be affecting the 2008 version of Windows Server and Windows 7 to 10 versions of Windows. Attackers force Windows users to open Office files.
That file automatically opens Internet Explorer, which opens the Bad Actor webpage. That webpage contains ActiveX Control, which lets malware be downloaded to users’ computers. This is called Zero-Day Attack.
As soon as you open that harmful office file, the virus gets infected in the user’s computer. For this, Microsoft has not released the security patch.
According to Microsoft, Microsoft Defender Antivirus and Microsoft Defender for Endpoint will fix this problem. Microsoft has also suggested deactivating all ActiveX controls in Internet Explorer.