14 matches found
Ongoing Exploitation of Windows Installer CVE-2021-41379
CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-41379 | Microsoft Advisory | AttackerKB | Scheduled when patched | ASAP when released | December 3, 2021 3:00 PM ET See the Updates section at the end of this post for new informatio...
Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild
Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos...
Windows Installer vulnerability becomes actively exploited zero-day
Sometimes the ways in which malicious code gets in the hands of cybercriminals is frustrating for those in the industry, and incomprehensible to those on the outside. A quick summary of the events in the history of this exploit: A researcher found a flaw in Windows Installer that would allow an...
Attackers Actively Target Windows Installer Zero-Day
Attackers are actively exploiting a Windows Installer zero-day vulnerability that was discovered when a patch Microsoft issued for another security hole inadequately fixed the original and unrelated problem. Over the weekend, security researcher Abdelhamid Naceri discovered a Windows Installer...
Microsoft could not patch this vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft released patches for 44 vulnerabilities on November 9th. CVE-2021-41379 was among them. However, installing this patch does not completely eliminate the vulnerability. An exploit for a new Windows zero-day local...
CVE-2021-41379
Windows Installer Elevation of Privilege Vulnerability...
CVE-2021-41379 Windows Installer Elevation of Privilege Vulnerability
...
CVE-2021-41379 Windows Installer Elevation of Privilege Vulnerability
...
CVE-2021-41379
CVE-2021-41379 is a Windows Installer Elevation of Privilege vulnerability affecting Windows Installer across Windows 10/11 and Windows Server. Public details in connected sources describe the issue as a Windows Installer privilege-escalation flaw, with references to InstallerFileTakeOver as the ...
CVE-2021-41379
Windows Installer Elevation of Privilege Vulnerability Recent assessments: NinjaOperator at November 22, 2021 3:59pm UTC reported: According to Florian Roth: “You can detect the exploitation of Windows InstallerFileTakeOver LPE CVE-2021-41379 with the published PoC with events from the...
Microsoft Windows Multiple Vulnerabilities (KB5007192)
This host is missing a critical security update according to Microsoft KB5007192 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB5007245: Windows Server 2012 Security Update (November 2021)
The remote Windows host is missing security update 5007245 or cumulative update 5007245. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...
KB5007233: Windows 7 and Windows Server 2008 R2 Security Update (November 2021)
The remote Windows host is missing security update 5007233 or cumulative update 5007236. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665,...
KB5007192: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2021)
The remote Windows host is missing security update 5007192. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665, CVE-2021-41371 - A remote code...