Warning — critical vulnerability in Microsoft Windows

The National Cyber Security Centre SK-CERT warns of a critical zero-day vulnerability in Microsoft Windows 10, Windows 11 and Windows Server 2022.

The vulnerability allows any user account to become an administrator account without authorization. On 22 November 2021, a security researcher publicly disclosed information about the vulnerability together with an exploit (code that serves as a guide for exploiting the vulnerability). A local authenticated threat actor could use it to elevate their privileges and gain admin privileges to access affected systems.

Researchers from Talos Security have already detected active exploitation of the vulnerability in multiple malware samples.

This zero-day vulnerability was discovered during analysis of the security patch that Microsoft issued to fix the vulnerability tracked as CVE-2021-41379, about which the National Cyber Security Centre SK-CERT issued a notification on 10 November 2021 as part of Security Alert V20211110-01.

No updates are currently available for this vulnerability. Microsoft has confirmed that it is working on the release of updates.

The National Cyber Security Centre SK-CERT (hereinafter referred to as SK-CERT) recommends that all administrators and users monitor the manufacturer's webpage or the SK-CERT webpage and update the affected systems immediately after the security patch is released. As the vulnerability is in the Windows Installer component, we recommend not installing or updating applications until the patch is released. According to the manufacturer, the update can be expected next Thursday (2 December 2021).

Sources:

https://www.bleepingcomputer.com/news/microsoft/new-windows-zero-day-with-public-exploit-lets-you-become-an-admin/

https://github.com/klinix5/InstallerFileTakeOver

https://blog.talosintelligence.com/2021/11/attackers-exploiting-zero-day.html

