Security News > 2021 > November > After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
A local elevation of privilege vulnerability in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable.
Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day Initiative, has analyzed the patch for CVE-2021-41379 and found that the bug was "Not fixed correctly."
So he created and made available on GitHub a reliable proof-of-concept exploit that - others have confirmed - works on fully patched Windows 10, 11, and Windows Server 2022.
For the exploit to work, an attacker must already have access to the targeted Windows machine and Microsoft Edge must be installed on it.
There is currently no official workaround to mitigate the risk posed by this flaw and its failed patch.
Any attempt to patch the binary directly will break Windows Installer, Naceri notes, so users' and admins' best bet is to wait for Microsoft to come up with a new patch that actually works.
News URL
https://www.helpnetsecurity.com/2021/11/24/cve-2021-41379/
Related news
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover (source)
- Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel (source)
- Researchers claim Windows Defender can be fooled into deleting databases (source)
- Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-10 | CVE-2021-41379 | Link Following vulnerability in Microsoft products Windows Installer Elevation of Privilege Vulnerability | 5.5 |