The ASEC analysis team has recently discovered the distribution of malicious files that include a new vulnerability CVE-2021-40444 which was revealed by Microsoft in September. It is noteworthy that the confirmed document files are all North Korea-related materials. North Korea-related malicious files have been evolving in new ways since the past. Seeing that the attackers are using a new vulnerability, they are quickly applying the new techniques in their distribution.
CVE-2021-40444 is a vuln…