Microsoft states that their Defender for Endpoint products protect against CVE-2021-40444 (MSHTML). Do we have the same protection in Intercept X products?
Robert - Labs is working on this actively - you can follow twitter updates here: https://twitter.com/SophosLabs/status/1435368778200666112?s=20
Here is also some guidance from Paul Ducklin: https://nakedsecurity…
Here is a pastebin of IoC's you could add to blocked items in Sophos Central https://pastebin.com/jpu4QF9i as an extra precaution
Nice! Thanks Alex.
Here is the link to 2 queries:https://community.sophos.com/intercept-x-endpoint/i/threat-hunting/query-if-cve-2021-40444-mshtml-mitigations-are-applied