{"id":231980,"date":"2021-09-10T15:26:00","date_gmt":"2021-09-10T14:26:00","guid":{"rendered":"https:\/\/www.stormshield.com\/?p=231980"},"modified":"2024-02-15T11:02:03","modified_gmt":"2024-02-15T10:02:03","slug":"alerte-securite-cve202140444-la-reponse-des-produits-stormshield","status":"publish","type":"post","link":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/","title":{"rendered":"Alerte s\u00e9curit\u00e9 CVE-2021-40444 : la r\u00e9ponse des produits Stormshield"},"content":{"rendered":"

C\u2019est la rentr\u00e9e pour les vuln\u00e9rabilit\u00e9s Zero-day, avec une faille dans le moteur de rendu HTML de Microsoft. Le point sur la vuln\u00e9rabilit\u00e9 critique CVE-2021-40444, avec l\u2019\u00e9quipe Stormshield Customer Security Lab.<\/strong><\/p>\n

 <\/p>\n

Le contexte de la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444<\/h2>\n

Microsoft a communiqu\u00e9 ce mardi 7 septembre autour d'une vuln\u00e9rabilit\u00e9 Zero-day critique<\/a> permettant l\u2019ex\u00e9cution de code arbitraire \u00e0 distance (CVE-2021-40444<\/strong>, score CVSS 8.8) concernant son moteur de rendu internet MSHTML, utilis\u00e9 par des programmes comme Internet Explorer. M\u00eame si ce navigateur a \u00e9t\u00e9 majoritairement remplac\u00e9 par Microsoft Edge, il reste encore pr\u00e9sent sur les syst\u00e8mes modernes et quelques programmes continuent de l\u2019utiliser.<\/p>\n

Puisque la vuln\u00e9rabilit\u00e9 Microsoft Zero-day se situe dans le module MSHTML qui peut \u00eatre utilis\u00e9 par n\u2019importe quelle application souhaitant faire un affichage de page Web, elle peut \u00eatre exploit\u00e9e par un document Office (Excel, PowerPoint, Word\u2026) malveillant comportant une r\u00e9f\u00e9rence sur une page Web. Certains groupes de cyber-criminels utilisent d\u00e9j\u00e0 cette vuln\u00e9rabilit\u00e9 pour propager des ransomwares.<\/p>\n

 <\/p>\n

Le vecteur initial de la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444<\/h2>\n

L\u2019attaque est r\u00e9alis\u00e9e gr\u00e2ce \u00e0 une r\u00e9f\u00e9rence sur une page Web dissimul\u00e9e dans un document Office (par exemple .docx), propag\u00e9 g\u00e9n\u00e9ralement par e-mail. La vuln\u00e9rabilit\u00e9, exploit\u00e9e lorsque l\u2019utilisateur ouvre le document, permet d\u2019ex\u00e9cuter du code arbitraire.<\/p>\n

Pour ouvrir le document, Microsoft Word doit t\u00e9l\u00e9charger la page Web distante r\u00e9f\u00e9renc\u00e9e dans le document. Une fois le document ouvert, le contenu Web est instanci\u00e9 et ex\u00e9cut\u00e9 au sein d\u2019un composant ActiveX MSHTML dans Microsoft Word. Un comportement normal et l\u00e9gitime jusqu\u2019ici. Le code Javascript t\u00e9l\u00e9charge alors la charge virale (g\u00e9n\u00e9ralement un ransomware) sous forme d\u2019un fichier CAB contenant un fichier DLL, puis d\u00e9clenche sa d\u00e9compression gr\u00e2ce \u00e0 un composant HTML \u00ab <object> \u00bb. Le script exploite ensuite la vuln\u00e9rabilit\u00e9 CVE-2021-40444 en changeant l\u2019URL du composant MSHTML sur une chaine tr\u00e8s particuli\u00e8re qui permet in-fine le chargement du fichier DLL dans \u00ab rundll32.exe \u00bb.<\/p>\n

Le fichier DLL se retrouve ex\u00e9cut\u00e9 avec les privil\u00e8ges de l\u2019utilisateur local et la machine est alors compromise. \u00c0 ce stade, nos \u00e9quipes ne constatent pas d\u2019\u00e9l\u00e9vation de privil\u00e8ges au cours de l\u2019attaque.<\/p>\n

La vuln\u00e9rabilit\u00e9 Microsoft concerne 42 versions de Windows, de Windows 7 SP1 (32 ou 64 bits) \u00e0 Windows 10 (1809).<\/p>\n

 <\/p>\n

Les d\u00e9tails techniques de la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444<\/h2>\n

Fonctionnement de l\u2019exploitation de la vuln\u00e9rabilit\u00e9 CVE-2021-40444<\/h3>\n

Dans le principe d\u2019attaque global, l\u2019attaquant envoie un e-mail contenant le document malveillant \u00e0 sa cible en esp\u00e9rant que l\u2019utilisateur l\u2019ouvre dans la suite Microsoft Office. Dans l\u2019exemple, nous partirons du principe que c\u2019est Microsoft Word 2007+ qui ouvre le document.<\/p>\n

L\u2019exploitation, dans le cas du malware en cours d\u2019utilisation, se d\u00e9roule ainsi\u00a0:<\/p>\n

\"\"

Fig 1 : illustration de l\u2019exploitation de la vuln\u00e9rabilit\u00e9 CVE-2021-40444<\/p><\/div>\n

    \n
  1. \n
      \n
    1. Microsoft Word pr\u00e9charge le document et constate que le document contient une r\u00e9f\u00e9rence vers un fichier .html sur un serveur Web. Word instancie un composant ActiveX de rendu Web\u00a0\u00ab\u00a0MSHTML\u00a0\u00bb et lui demande de pointer sur l\u2019URL cible.<\/li>\n
    2. Word, au travers du composant ActiveX, t\u00e9l\u00e9charge le document HTML.<\/li>\n
    3. Le serveur Web cible est contr\u00f4l\u00e9 par l\u2019attaquant et ne fait que d\u00e9livrer une ressource HTML. Cette page Web contient du code Javascript obfusqu\u00e9 qui s\u2019ex\u00e9cute au sein du composant ActiveX de Word. Ce code instancie N composants ActiveX MSHTML au sein de la page Web.<\/li>\n
    4. Il demande le t\u00e9l\u00e9chargement du payload final sous forme de fichier CAB via XmlHttpRequest<\/em>. Ceci est possible car le moteur d\u2019Internet Explorer ne prend pas en charge les restrictions Cross-Origin.
      \n\"\"<\/li>\n
    5. Le serveur Web d\u00e9livre un fichier CAB contenant le payload final au format DLL. Le nom du fichier est \u00ab\u00a0inf<\/em>\u00bb. L\u2019extension n\u2019est pas \u00ab\u00a0.DLL\u00a0\u00bb afin de ne pas alerter les EDR et le CAB pr\u00e9cise que le fichier se trouve dans un r\u00e9pertoire \u00ab\u00a0..<\/em>\u00a0\u00bb. Ce d\u00e9tail a son importance pour la suite car les \u00e9l\u00e9ments sont stock\u00e9s en cache dans un sous r\u00e9pertoire al\u00e9atoire non maitris\u00e9 par l\u2019attaquant. La r\u00e9f\u00e9rence relative \u00ab\u00a0..\u00a0\u00bb permettra de revenir au r\u00e9pertoire parent et s\u2019affranchir de ce caract\u00e8re non maitris\u00e9.<\/li>\n
    6. Le code Javascript poursuit son ex\u00e9cution en instanciant un \u00e9l\u00e9ment HTML \u00ab\u00a0object\u00a0\u00bb en lui donnant en r\u00e9f\u00e9rence le fichier CAB, ce qui provoque son extraction dans \u00ab\u00a0..\/championship.inf<\/em>\u00bb. Ceci est un comportement l\u00e9gitime qui \u00e9tait largement utilis\u00e9 du temps de Flash Player dans les ann\u00e9es 2000. \u00c0 noter que comme le fichier CAB a \u00e9t\u00e9 pr\u00e9c\u00e9demment t\u00e9l\u00e9charg\u00e9, il se trouve dans le cache local.<\/li>\n
    7. Le code Javascript se sert des N composants ActiveX pr\u00e9c\u00e9demment instanci\u00e9s et positionne leur \u00ab\u00a0document.URL\u00a0\u00bb sur cette URL\u00a0: \u00ab\u00a0.cpl\u00a0:123<\/em>\u00bb. Ceci ne sert pas mais on constate d\u00e9j\u00e0 \u00e0 ce moment que le composant ActiveX, ne sachant pas ouvrir les fichiers \u00ab\u00a0.cpl<\/em>\u00a0\u00bb, transf\u00e8re le contr\u00f4le au programme associ\u00e9\u00a0: \u00ab\u00a0exe<\/em>\u00a0\u00bb\u00a0:
      \n\"\"<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n

       <\/p>\n

      Le programme \u00ab control.exe<\/em>\u00a0\u00bb a la particularit\u00e9 de se comporter en passe-plat sur \u00ab\u00a0rundll32.exe<\/em>\u00a0\u00bb et on retrouve cette ligne de commande\u00a0: \u00ab\u00a0\"C:\\WINDOWS\\system32\\rundll32.exe\" Shell32.dll,Control_RunDLL \".cpl:123\"<\/em>\u00a0\u00bb\u00a0:
      \n\"\"<\/p>\n

      Une autre particularit\u00e9 est que \u00ab\u00a0rundll32.exe<\/em>\u00a0\u00bb, avec cette chaine en param\u00e8tre, est capable de charger le fichier \u00ab\u00a0123<\/em>\u00a0\u00bb.
      \n\"\"<\/p>\n

      Ce principe est ensuite largement exploit\u00e9 par le code Javascript puisqu\u2019il utilise ses N composants ActiveX pr\u00e9c\u00e9demment instanci\u00e9s pour les envoyer sur les URL suivantes\u00a0:
      \n\"\"<\/p>\n

      Cela provoque N tentatives de chargement du fichier DLL \u00e0 divers emplacements possibles, en esp\u00e9rant qu\u2019au moins un sera le bon.
      \n\"\"<\/p>\n

      Ce fonctionnement aboutit au lancement du fichier et \u00e0 la compromission du poste.<\/p>\n

      IoC de la vuln\u00e9rabilit\u00e9 CVE-2021-40444<\/h3>\n

      Nom de domaine\u00a0:<\/strong><\/p>\n

        \n
      • Hidusi[.]com<\/li>\n
      • joxinu[.]com<\/li>\n
      • dodefoh[.]com<\/li>\n
      • pawevi[.]com<\/li>\n
      • sagoge[.]com<\/li>\n
      • comecal[.]com<\/li>\n
      • rexagi[.]com<\/li>\n
      • macuwuf[.]com<\/li>\n<\/ul>\n

        URI\u00a0:<\/strong><\/p>\n

          \n
        • \/e8c76295a5f9acb7<\/li>\n
        • \/e273caf2ca371919<\/li>\n
        • \/94cc140dcee6068a<\/li>\n
        • \/e32c8df2cf6b7a16<\/li>\n<\/ul>\n

          Header http\u00a0:<\/strong><\/p>\n

            \n
          • ETag: \"18f1-5caee365a20d1\"<\/li>\n
          • ETag: \"20b060-5caee369535c1\"<\/li>\n<\/ul>\n

            Hash de fichiers .docx\u00a0:<\/strong><\/p>\n

              \n
            • d0e1f97dbe2d0af9342e64d460527b088d85f96d38b1d1d4aa610c0987dca745<\/li>\n
            • a5f55361eff96ff070818640d417d2c822f9ae1cdd7e8fa0db943f37f6494db9<\/li>\n
            • 199b9e9a7533431731fbb08ff19d437de1de6533f3ebbffc1e13eeffaa4fd455<\/li>\n
            • 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52<\/li>\n
            • 3bddb2e1a85a9e06b9f9021ad301fdcde33e197225ae1676b8c6d0b416193ecf<\/li>\n
            • 5b85dbe49b8bc1e65e01414a0508329dc41dc13c92c08a4f14c71e3044b06185<\/li>\n
            • 1fb13a158aff3d258b8f62fe211fabeed03f0763b2acadbccad9e8e39969ea00<\/li>\n<\/ul>\n

              Dlls (beacon Cobalstrike) :<\/strong><\/p>\n

                \n
              • 6eedf45cb91f6762de4e35e36bcb03e5ad60ce9ac5a08caeb7eda035cd74762b<\/li>\n<\/ul>\n

                Autres :<\/strong><\/p>\n

                  \n
                • Letter before court 4.docx<\/li>\n
                • html<\/li>\n
                • cab<\/li>\n
                • inf<\/li>\n<\/ul>\n

                   <\/p>\n

                  Les moyens de protection fournis par Stormshield face \u00e0 la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444<\/h2>\n

                  Protection avec Stormshield Network Security<\/h3>\n

                  Les protections SNS sont r\u00e9alis\u00e9es via l\u2019IPS et trois nouvelles signatures :<\/p>\n

                    \n
                  • http:client:header.214<\/strong> d\u00e9tecte les tentatives de connexions vers les diff\u00e9rents C2 en fonctions des Hosts et des URLs fournis \u00e0 ce jour dans les IOCs\u00a0;<\/li>\n
                  • http:server:header.46<\/strong> et http:server.6<\/strong>d\u00e9tectent et bloquent le t\u00e9l\u00e9chargement des fichiers cab connus \u00e0 ce jour.<\/li>\n<\/ul>\n

                     <\/p>\n

                    \"\"<\/p>\n

                    Indice de confiance de la protection propos\u00e9e par Stormshield<\/p>\n

                    \"\"Indice de confiance de l\u2019absence de faux positif<\/p>\n

                     <\/p>\n

                    Protection avec Stormshield Endpoint Security<\/h3>\n

                    Les solutions SES (7.2 et Evolution) proposent deux r\u00e8gles permettant de prot\u00e9ger de l\u2019exploitation de la vuln\u00e9rabilit\u00e9 CVE-2021-40444 :<\/p>\n

                      \n
                    • La premi\u00e8re agit sur la cr\u00e9ation du processus control.exe par la suite Office (Word, Excel, PowerPoint, WordPad) ;<\/li>\n
                    • La seconde restreint les capacit\u00e9s de chargement ou d\u2019acc\u00e8s aux DLL jscript*.dll par la suite Office ce qui permet de bloquer le sch\u00e9ma d\u2019attaque correspondant \u00e0 la vuln\u00e9rabilit\u00e9.<\/li>\n<\/ul>\n

                       <\/p>\n

                      \"\"<\/p>\n

                      Indice de confiance de la protection propos\u00e9e par Stormshield<\/p>\n

                      \"\"<\/p>\n

                      Indice de confiance de l\u2019absence de faux positif<\/p>\n

                       <\/p>\n

                      Recommandations face \u00e0 la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444<\/h3>\n

                      Voici ci-dessous les recommandations qui ne concernent pas les produits Stormshield\u00a0:<\/p>\n

                        \n
                      • D\u00e9sactivez l\u2019ex\u00e9cution d\u2019ActiveX par la suite Office via les GPO\u00a0;<\/li>\n
                      • D\u00e9sactivez la pr\u00e9visualisation dans Microsoft Explorer (Shell Preview).<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"

                        C\u2019est la rentr\u00e9e pour les vuln\u00e9rabilit\u00e9s Zero-day, avec une faille dans le moteur de rendu HTML de Microsoft. Le point sur la vuln\u00e9rabilit\u00e9 critique CVE-2021-40444, avec l\u2019\u00e9quipe Stormshield Customer Security Lab.   Le contexte de la vuln\u00e9rabilit\u00e9 Microsoft CVE-2021-40444 Microsoft a communiqu\u00e9 ce mardi 7…<\/p>\n","protected":false},"author":83,"featured_media":190179,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1503],"tags":[4368],"business_size":[],"industry":[],"help_mefind":[],"features":[],"type_security":[],"maintenance":[],"offer":[],"administration_tools":[],"cloud_offers":[],"listing_product":[1565,1530],"class_list":["post-231980","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-alertes","tag-la-cybersecurite-par-stormshield","listing_product-ses-fr","listing_product-sns-fr"],"acf":[],"yoast_head":"\nCVE-2021-40444 : les protections avec les solutions Stormshield<\/title>\n<meta name=\"description\" content=\"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2021-40444 : les protections avec les solutions Stormshield\" \/>\n<meta property=\"og:description\" content=\"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\" \/>\n<meta property=\"og:site_name\" content=\"Stormshield\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-10T14:26:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-15T10:02:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1422\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Stormshield Customer Security Lab\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Stormshield\" \/>\n<meta name=\"twitter:site\" content=\"@Stormshield\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Stormshield Customer Security Lab\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\"},\"author\":{\"name\":\"Stormshield Customer Security Lab\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249\"},\"headline\":\"Alerte s\u00e9curit\u00e9 CVE-2021-40444 : la r\u00e9ponse des produits Stormshield\",\"datePublished\":\"2021-09-10T14:26:00+00:00\",\"dateModified\":\"2024-02-15T10:02:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\"},\"wordCount\":1450,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg\",\"keywords\":[\"La cybers\u00e9curit\u00e9 - par Stormshield\"],\"articleSection\":[\"Alertes\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\",\"url\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\",\"name\":\"CVE-2021-40444 : les protections avec les solutions Stormshield\",\"isPartOf\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg\",\"datePublished\":\"2021-09-10T14:26:00+00:00\",\"dateModified\":\"2024-02-15T10:02:03+00:00\",\"author\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249\"},\"description\":\"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage\",\"url\":\"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg\",\"contentUrl\":\"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg\",\"width\":2560,\"height\":1422},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.stormshield.com\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Alerte s\u00e9curit\u00e9 CVE-2021-40444 : la r\u00e9ponse des produits Stormshield\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/#website\",\"url\":\"https:\/\/www.stormshield.com\/fr\/\",\"name\":\"Stormshield\",\"description\":\"Stormshield\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.stormshield.com\/fr\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249\",\"name\":\"Stormshield Customer Security Lab\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/46b9416c400398c1a9fc878c7a35bd2ae4f79caeeda138facd5cb65a4ab91c5d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/46b9416c400398c1a9fc878c7a35bd2ae4f79caeeda138facd5cb65a4ab91c5d?s=96&d=mm&r=g\",\"caption\":\"Stormshield Customer Security Lab\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2021-40444 : les protections avec les solutions Stormshield","description":"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/","og_locale":"fr_FR","og_type":"article","og_title":"CVE-2021-40444 : les protections avec les solutions Stormshield","og_description":"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.","og_url":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/","og_site_name":"Stormshield","article_published_time":"2021-09-10T14:26:00+00:00","article_modified_time":"2024-02-15T10:02:03+00:00","og_image":[{"width":2560,"height":1422,"url":"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg","type":"image\/jpeg"}],"author":"Stormshield Customer Security Lab","twitter_card":"summary_large_image","twitter_creator":"@Stormshield","twitter_site":"@Stormshield","twitter_misc":{"\u00c9crit par":"Stormshield Customer Security Lab","Dur\u00e9e de lecture estim\u00e9e":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#article","isPartOf":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/"},"author":{"name":"Stormshield Customer Security Lab","@id":"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249"},"headline":"Alerte s\u00e9curit\u00e9 CVE-2021-40444 : la r\u00e9ponse des produits Stormshield","datePublished":"2021-09-10T14:26:00+00:00","dateModified":"2024-02-15T10:02:03+00:00","mainEntityOfPage":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/"},"wordCount":1450,"commentCount":0,"image":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg","keywords":["La cybers\u00e9curit\u00e9 - par Stormshield"],"articleSection":["Alertes"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/","url":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/","name":"CVE-2021-40444 : les protections avec les solutions Stormshield","isPartOf":{"@id":"https:\/\/www.stormshield.com\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage"},"image":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg","datePublished":"2021-09-10T14:26:00+00:00","dateModified":"2024-02-15T10:02:03+00:00","author":{"@id":"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249"},"description":"Le point face \u00e0 une nouvelle vuln\u00e9rabilit\u00e9 Zero-Day Microsoft. CVE-2021-40444 : vuln\u00e9rabilit\u00e9 critique dans Internet Explorer.","breadcrumb":{"@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#primaryimage","url":"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg","contentUrl":"https:\/\/www.stormshield.com\/wp-content\/uploads\/shutterstock_1534485395-scaled.jpg","width":2560,"height":1422},{"@type":"BreadcrumbList","@id":"https:\/\/www.stormshield.com\/fr\/actus\/alerte-securite-cve202140444-la-reponse-des-produits-stormshield\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.stormshield.com\/fr\/"},{"@type":"ListItem","position":2,"name":"Alerte s\u00e9curit\u00e9 CVE-2021-40444 : la r\u00e9ponse des produits Stormshield"}]},{"@type":"WebSite","@id":"https:\/\/www.stormshield.com\/fr\/#website","url":"https:\/\/www.stormshield.com\/fr\/","name":"Stormshield","description":"Stormshield","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.stormshield.com\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/a05f467cec789f90c8a355b178743249","name":"Stormshield Customer Security Lab","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.stormshield.com\/fr\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/46b9416c400398c1a9fc878c7a35bd2ae4f79caeeda138facd5cb65a4ab91c5d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/46b9416c400398c1a9fc878c7a35bd2ae4f79caeeda138facd5cb65a4ab91c5d?s=96&d=mm&r=g","caption":"Stormshield Customer Security Lab"}}]}},"_links":{"self":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/posts\/231980","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/comments?post=231980"}],"version-history":[{"count":10,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/posts\/231980\/revisions"}],"predecessor-version":[{"id":493407,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/posts\/231980\/revisions\/493407"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/media\/190179"}],"wp:attachment":[{"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/media?parent=231980"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/categories?post=231980"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/tags?post=231980"},{"taxonomy":"business_size","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/business_size?post=231980"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/industry?post=231980"},{"taxonomy":"help_mefind","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/help_mefind?post=231980"},{"taxonomy":"features","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/features?post=231980"},{"taxonomy":"type_security","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/type_security?post=231980"},{"taxonomy":"maintenance","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/maintenance?post=231980"},{"taxonomy":"offer","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/offer?post=231980"},{"taxonomy":"administration_tools","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/administration_tools?post=231980"},{"taxonomy":"cloud_offers","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/cloud_offers?post=231980"},{"taxonomy":"listing_product","embeddable":true,"href":"https:\/\/www.stormshield.com\/fr\/wp-json\/wp\/v2\/listing_product?post=231980"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}