Microsoft Windows Installer Vulnerability

Released: Nov 26, 2021


High Severity

Microsoft Windows Platform


Windows Installer Zero-Day actively being exploited by malware

Exploitation of the vulnerability could give attackers system privileges on machines running the latest Windows releases, including Windows 10, Windows 11, and Windows Server 2022.

Common Vulnerabilities and Exposures


Background

Microsoft announced a vulnerability in Windows Installer as part of its Patch Tuesday release. A security researcher discovered that the patch was not enough and has posted a proof of concept.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


On November 9, 2021, Microsoft announced a privilege escalation vulnerability in Windows Installer.


On December 20, 2021, security researcher Abdelhamid Naceri posted a proof of concept further exploiting the already-patched Windows Installer. Based on FortiGuard statistics from the last few days, malware using this vulnerability is active in the wild.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • AV

  • AV (Pre-filter)

  • IPS

DETECT
  • Outbreak Detection

  • Threat Hunting

RESPOND
  • Assisted Response Services

  • Automated Response

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.