National Public Safety Telecommunications Council
People and Vehicles : Firefighter, Policeman, Police cruiser, Ambulance
Vehicles : Fire truck, Ambulance, Police boat
People : Policemen
Towers : Towers on a ridge
Computers : monitor array
SAFECOM Cybersecurity Advisory: Zero-Day Attack Targeting Windows Users with Microsoft Office Documents
SAFECOM Cybersecurity Advisory Banner
Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows.  An attacker could craft a malicious ActiveX control to be used in a Microsoft Office document and would then have to convince the user to open the affected document.
This type of attack could impact a public safety agencies' ability to operate and easily take over a system.  For example, when Office opens a document, it checks to see if it originated from the Internet.  If so, Microsoft will open the document in "Protected View" and have a warning before a user clicks on "Enable Editing."  Unfortunately, many users tend to ignore the warning and choose to edit, which will allow the vulnerability to impact the system through malicious ActiveX controls.  Accounts configured to have fewer user rights on the system could be less impacted than accounts that operate with administrative user rights.
CISA encourages users and administrators to review Microsoft's Advisory and to implement the mitigations and workarounds.  In addition, we strongly encourage you to sign up for U.S. Computer Emergency Readiness Team (US-CERT) alerts at to receive timely, important updates.  Visit for additional cyber and communications resiliency resources.
Cybersecurity and Infrastructure Security Agency
Defend Today Secure Tomorrow