No announcement yet.

Urgent Script for Windows 10 CVE-2021-40444 released Yesterday

  • Filter
  • Time
  • Show
Clear All
new posts

  • Urgent Script for Windows 10 CVE-2021-40444 released Yesterday


    I tried to update default registry scripts available in endpoint management to remotely change registry values as advised by Microsoft but I receive comodo error in the script,
    can you help ?

    CVE-2021-40444 - Security Update Guide - Microsoft - Microsoft MSHTML Remote Code Execution Vulnerability

    not working error
    2021/09/08 05:24:07 PM Failed Traceback (most recent call last): File "<string>", line 49, in <module> TypeError: popen() argument 1 must be string without null bytes, not str
    Attached Files

  • #2
    Hi rbo,

    We have shared your request with our script developers and provide you updated script.

    Kind Regards,


    • #3
      Here is a 'quick-n-dirty' script specifically for this CVE if anyone needs something fast. Tested on Win10 Pro and Win 7 Pro w/Powershell V5

      Download: EZT-Workaround-CVE-2021-40444.json
      • Includes ability to apply workaround registry entries for CVE-2021-40444.
      • Includes ability to undo workaround registry entries for CVE-2021-40444. For use after MS official hot-fix is released and applied
      • Includes ability to force restart of the endpoint after registry actions have been applied
      • IMPORTANT: If you enable both apply and undo at the same time, undo takes priority
      Installation for iTarian Procedures
      1. Download the procedure
      2. Within your ITSM portal, import the procedure under Configuration Templates - Procedures
      3. Configure desired procedure name, alert settings..etc
      4. Configure the default parameters for the procedure from the Parameters tab of the script. See Configuration Parameters below for explanations of each parameter
      5. Click Save - Ready to Review - Approve to finish. Assign to a profile and optionally a schedule of your liking
      6. (Recommended) Run the new procedure on a single test machine to ensure its working or configured as expected
      7. This script should be run as LocalSystem
      Configurable Parameters

      • Default: 1
      • Apply Workaround (Enabled=1,Disabled=0)
      • Default: 0
      • Remove Workaround (Enabled=1,Disabled=0)
      • Default: 0
      • Restart Computer (Enabled=1,Disabled=0)
      Last edited by eztech; 09-09-2021, 03:20 PM.


      • rbo
        rbo commented
        Editing a comment
        hello , I'm very very very interested to test but download link is KO KO KO

    • #4
      Hi PremJkumar

      We are also interested in this mitigation script, please keep us posted.

      Thanks a lot in advance!

      -- Javier Llorente
      Endpoint Security - Devoteam


      • #5
        Try again now. Been having some issues with the forum lately, sometimes it doesnt add the link correctly


        • rbo
          rbo commented
          Editing a comment
          ok download ok !²