InstallerFileTakeOver in use by Threat Actors
Industry: N/A | Level: Tactical | Source: CiscoTalos
Follow up on the vulnerability identified by security researcher, Abdelhamid Naceri, regarding the bypass of CVE-2021-41379 that was not properly patched by Microsoft in November 2021's patch Tuesday. The vulnerability enables a user to elevate their privileges to admin. Cisco Talos has identified malware samples in the wild taking advantage of this vulnerability.
- Anvilogic Use Case: Potential InstallerFileTakeOver CVE-2021-41379