Microsoft Windows Installer Vulnerability
Windows Installer Zero-Day actively being exploited by malware
Exploitation of the vulnerability could give attackers system privileges on machines running the latest Windows releases, including Windows 10, Windows 11, and Windows Server 2022.
Common Vulnerabilities and Exposures
Background
Microsoft announced a vulnerability in Windows Installer as part of its Patch Tuesday. A security researcher discovered that the patch was not enough and has posted a proof of concept.
Threat Radar Overall Score: 2.6
CVSS Rating | 5.0
FortiRecon Score | 70/100
Known Exploited | Yes
Exploit Prediction Score | 0.58%
FortiGuard Telemetry | 8
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
On November 9, 2021, Microsoft announced a privilege escalation vulnerability in Windows Installer.
On December 20, 2021, security researcher Abdelhamid Naceri posted a proof of concept further exploiting the already-patched Windows Installer. Based on FortiGuard statistics from the last few days, malware using this vulnerability is active in the wild.
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
AV: Blocks malware related to the Windows Installer Vulnerability (CVE-2021-41379).
AV (Pre-filter): Blocks malware related to the Windows Installer Vulnerability (CVE-2021-41379).
IPS: Blocks exploitation of the Windows Installer Vulnerability (CVE-2021-41379).
Outbreak Detection
Threat Hunting
Assisted Response Services: Experts to assist you with analysis, containment and response activities.
Automated Response: Services that can automatically respond to this outbreak.
NOC/SOC Training: Train your network and security professionals and optimize your incident response to stay on top of cyberattacks.
End-User Training: Raise security awareness among your employees, who are continuously being targeted by phishing, drive-by downloads and other forms of cyberattacks.
Attack Surface Hardening: Check Security Fabric devices to build actionable configuration recommendations and key indicators.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.