Microsoft Windows Users at Risk: Zero-Day Vulnerabilities Appear after a Failed Patch
Microsoft Windows users should be wary of zero-day vulnerabilities that could affect their systems after the company failed to correct a recent vulnerability. No matter what version of Windows you have, you are now at risk from this vulnerability.
Vulnerability in Windows Installer bug
In an interview with Bleeping Computer earlier this week, Cisco Talos outreach manager Nick Biasini said they had already investigated the exploit that appeared on Windows. They discovered that bad actors had already tried to use it.
Biasini added that, as the volume is low at the moment, the activity most likely reflects testing for future campaigns.
Cybersecurity experts discovered that the vulnerability relates to a Windows Installer bug (CVE-2021-41379) that Microsoft believed it had fixed in November.
However, the flaw was seen as a threat to Windows users, as malware creators could take control of the entire system by replacing an executable file with an MSI file. This would allow them to run the code as an administrator.
Abdelhamid Naceri, a cybersecurity researcher who spotted the zero-day vulnerabilities, posted exploit code on GitHub. This proof-of-concept works even though Microsoft said it had already fixed the flaw.
According to Naceri, Windows users should take precautionary measures against this flaw, which is more dangerous because it could bypass administrative restrictions on Windows Installer.
Naceri wrote that the bug was not properly corrected by the company. While analyzing the CVE-2021-41379 patch, he found this variant, which is deemed riskier than the original version.
While there is a solution that could fix the vulnerability, it remains alarming for billions of Windows users as it could spread quickly from their systems. This is even more dangerous as the newer operating systems such as Windows 10 and 11 could be the most affected among all versions of the Windows operating system.
However, attackers must first gain physical access before starting their operation, as this is not a remote exploit.
Microsoft Considers Flaw to Be Medium Severity
Gizmodo reported on Wednesday, November 23, that the tech giant considers the vulnerability to be in the medium severity category.
However, now is not the time to slack off, because Microsoft is running out of time to fix this flaw, according to Cisco’s Talos Security Intelligence and Research Group.
In the report, the company said it was well aware of the vulnerability in Windows versions. It did not disclose any details of a timeline for releasing a fix for the flaw.
Microsoft said it will continue to research solutions to keep customers safe and secure. The company assumed that an unknown attacker had access and the code to run the system.
Zero-Day Attacks Have Invaded Microsoft Office 365
Last September, Tech Times reported that Microsoft released a fix for the zero-day security vulnerability for Office 365 or 2019. The malware was spread to Windows 10 through an Office document.
This article is the property of Tech Times
Written by Joseph Henry
2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.