Under Review

Query if CVE-2021-40444 MSHTML Mitigations Are Applied

The current vulnerability CVE-2021-40444 MSHTML is a zero-day and is awaiting a patch.

You should consider the Microsoft guidance in their Security Update Guide: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

This query will serve to check your environment conditions for their recommend mitigation steps. It will not check if you've been impacted by the vulnerability. 

SELECT name, type, data, datetime(mtime, 'unixepoch', 'localtime') AS registryWriteTime,
   WHEN data = '3' THEN 'Microsoft ActiveX is Disabled'
   ELSE 'Current Microsoft Recommended Mitigations'
END AS mitigationStatus
FROM registry
WHERE path LIKE 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\%\1001' 
OR path LIKE 'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\%\1004'