Lucene search
K

14 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/11/30 7:3 p.m.275 views

Ongoing Exploitation of Windows Installer CVE-2021-41379

CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-41379 | Microsoft Advisory | AttackerKB | Scheduled when patched | ASAP when released | December 3, 2021 3:00 PM ET See the Updates section at the end of this post for new informatio...

4.6CVSS0.4AI score0.67252EPSS
Exploits11
The Hacker News
The Hacker News
added 2021/11/25 8:10 a.m.725 views

Warning — Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild

Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos...

7.8CVSS8.4AI score0.20099EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/24 2:21 p.m.184 views

Windows Installer vulnerability becomes actively exploited zero-day

Sometimes the ways in which malicious code gets in the hands of cybercriminals is frustrating for those in the industry, and incomprehensible to those on the outside. A quick summary of the events in the history of this exploit: A researcher found a flaw in Windows Installer that would allow an...

4.6CVSS7.6AI score0.20099EPSS
Exploits0
ThreatPost
ThreatPost
added 2021/11/24 2:9 p.m.302 views

Attackers Actively Target Windows Installer Zero-Day

Attackers are actively exploiting a Windows Installer zero-day vulnerability that was discovered when a patch Microsoft issued for another security hole inadequately fixed the original and unrelated problem. Over the weekend, security researcher Abdelhamid Naceri discovered a Windows Installer...

7.8CVSS7.2AI score0.20099EPSS
Exploits0References12
hivepro
hivepro
added 2021/11/23 10:56 a.m.190 views

Microsoft could not patch this vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft released patches for 44 vulnerabilities on November 9th. CVE-2021-41379 was among them. However, installing this patch does not completely eliminate the vulnerability. An exploit for a new Windows zero-day local...

4.6CVSS8.1AI score0.20099EPSS
Exploits0
NVD
NVD
added 2021/11/10 1:19 a.m.23 views

CVE-2021-41379

Windows Installer Elevation of Privilege Vulnerability...

7.8CVSS0.20099EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/11/10 12:46 a.m.11 views

CVE-2021-41379 Windows Installer Elevation of Privilege Vulnerability

...

5.5CVSS7.2AI score0.20099EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/10 12:46 a.m.38 views

CVE-2021-41379 Windows Installer Elevation of Privilege Vulnerability

...

5.5CVSS7.1AI score0.20099EPSS
Exploits0References2
CVE
CVE
added 2021/11/10 12:46 a.m.1220 views

CVE-2021-41379

CVE-2021-41379 is a Windows Installer Elevation of Privilege vulnerability affecting Windows Installer across Windows 10/11 and Windows Server. Public details in connected sources describe the issue as a Windows Installer privilege-escalation flaw, with references to InstallerFileTakeOver as the ...

7.8CVSS7AI score0.20099EPSS
In wildExploits0References3Affected Software18
ATTACKERKB
ATTACKERKB
added 2021/11/10 12:0 a.m.299 views

CVE-2021-41379

Windows Installer Elevation of Privilege Vulnerability Recent assessments: NinjaOperator at November 22, 2021 3:59pm UTC reported: According to Florian Roth: “You can detect the exploitation of Windows InstallerFileTakeOver LPE CVE-2021-41379 with the published PoC with events from the...

9.8CVSS8.1AI score0.99992EPSS
In wildExploits149References3
OpenVAS
OpenVAS
added 2021/11/10 12:0 a.m.36 views

Microsoft Windows Multiple Vulnerabilities (KB5007192)

This host is missing a critical security update according to Microsoft KB5007192 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.74265EPSS
Exploits10References3
Tenable Nessus
Tenable Nessus
added 2021/11/09 12:0 a.m.84 views

KB5007245: Windows Server 2012 Security Update (November 2021)

The remote Windows host is missing security update 5007245 or cumulative update 5007245. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...

8.8CVSS7.8AI score0.74265EPSS
Exploits10References18
Tenable Nessus
Tenable Nessus
added 2021/11/09 12:0 a.m.126 views

KB5007233: Windows 7 and Windows Server 2008 R2 Security Update (November 2021)

The remote Windows host is missing security update 5007233 or cumulative update 5007236. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665,...

8.8CVSS7.8AI score0.74265EPSS
Exploits10References16
Tenable Nessus
Tenable Nessus
added 2021/11/09 12:0 a.m.232 views

KB5007192: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2021)

The remote Windows host is missing security update 5007192. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665, CVE-2021-41371 - A remote code...

8.8CVSS7.8AI score0.74265EPSS
Exploits10References25
Rows per page
Query Builder