
Cybersecurity, new zero-day vulnerability on Windows despite the last patch

New zero-day vulnerability on Windows despite the last patch. Abdelhamid Naceri discovered a flaw that bypasses the CVE-2021-41379 security update. It allows privilege escalation to admin level.

A new zero-day exploit affects Windows 10, 11 and Server 2022. It was discovered by the cybersecurity researcher Abdelhamid Naceri. The vulnerability allows privilege escalation to admin level. Moreover, the flaw bypasses the patch the company just issued to cover a “Windows Installer Elevation of Privilege Vulnerability” (CVE-2021-41379). Naceri published a Proof of Concept on GitHub, which overwrites the Microsoft Edge elevation service DACL, copies itself to the service location and executes it to gain elevated privileges. Furthermore, according to Naceri, there could be another zero-day. He explained that “while I was working on CVE-2021-41379 patch bypass, I was successfully able to produce 2 msi packages, each of them triggers a unique behaviour in windows installer service. One of them is the bypass of CVE-2021-41379 and this one. I decided to actually not drop the second until Microsoft patches this one. So Be ready!”. The malware hunter JAMESWT reported some malware samples that exploit the zero-day flaw.
