2021-11-24

InstallerFileTakeOver in use by Threat Actors

Level: 
Tactical
  |  Source: 
CiscoTalos
Cybersecurity
Share:

InstallerFileTakeOver in use by Threat Actors

Follow up on the vulnerability identified by security researcher, Abdelhamid Naceri, regarding the bypass of CVE-2021-41379 that was not properly patched by Microsoft in November 2021's patch Tuesday. The vulnerability enables a user to elevate their privileges to admin. Cisco Talos has identified malware samples in the wild taking advantage of this vulnerability.

     

Get trending threats published weekly by the Anvilogic team.

Sign Up Now