Security News > 2021 > November > After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
2021-11-24 11:28

A local elevation of privilege vulnerability in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable.

Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day Initiative, has analyzed the patch for CVE-2021-41379 and found that the bug was "Not fixed correctly."

So he created and made available on GitHub a reliable proof-of-concept exploit that - others have confirmed - works on fully patched Windows 10, 11, and Windows Server 2022.

For the exploit to work, an attacker must already have access to the targeted Windows machine and Microsoft Edge must be installed on it.

There is currently no official workaround to mitigate the risk posed by this flaw and its failed patch.

Any attempt to patch the binary directly will break Windows Installer, Naceri notes, so users' and admins' best bet is to wait for Microsoft to come up with a new patch that actually works.


News URL

https://www.helpnetsecurity.com/2021/11/24/cve-2021-41379/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-11-10 CVE-2021-41379 Link Following vulnerability in Microsoft products
Windows Installer Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-59
5.5
5.5