Microsoft Windows Installer Vulnerability

Released: Nov 26, 2021


High Severity

Microsoft Windows Platform

Vulnerability Type

Windows Installer Zero-Day actively being exploited by malware.

Exploitation of the vulnerability could give attackers system privileges on machines running the latest Windows releases, including Windows 10, Windows 11, and Windows Server 2022.

Common Vulnerabilities and Exposures

CVE-2021-41379

Background

Microsoft announced a vulnerability in Windows Installer as part of its Patch Tuesday. A security researcher discovered that the patch was not enough and has posted a proof of concept.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


On November 9, 2021, Microsoft announced a privilege escalation vulnerability in Windows Installer.


On December 20, 2021, security researcher Abdelhamid Naceri posted a proof of concept further exploiting the already-patched Windows Installer. Based on FortiGuard statistics from the last few days, malware using this vulnerability is active in the wild.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • AV

  • AV (Pre-filter)

  • IPS

DETECT
  • Outbreak Detection

  • Threat Hunting

RESPOND
  • Assisted Response Services

  • Automated Response

RECOVER
  • NOC/SOC Training

  • End-User Training

IDENTIFY
  • Attack Surface Hardening

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.


Indicators of compromise

IOC Indicator List