Microsoft Windows users should beware of the zero-day vulnerabilities that could infect their system after the company failed to fix the recent flaw. Regardless of the Windows version you have, you are now at risk of acquiring this vulnerability.
Vulnerability in Windows Installer Bug
(Photo : Christina @ wocintechchat.com from Unsplash )
Microsoft Windows Users at Risk: Zero-Day Vulnerabilities Appear After Failed Patch
In an interview with Bleeping Computer earlier this week, Cisco Talos’ head of outreach, Nic Biasini, said that they already investigated the exploit that emerged on Windows. They found out that some bad actors attempted to run it.
Biasini added that the case is most likely about the testing of it for future campaigns since the volume is low at the moment.
The cybersecurity experts found out that the vulnerability is hitting the Windows Installer bug (CVE-2021-41379) which Microsoft believed to have patched this November.
However, the flaw was seen to be a threat for Windows users since the malware creators could take over the whole system by replacing an executable file with an MSI file. This would allow them to run the code as an admin.
Abdelhamid Naceri, a cybersecurity researcher who spotted the zero-day vulnerabilities, posted an exploit code to Github. This proof-of-concept release would function even though Microsoft said that it has patched the flaw already.
Related Article: Windows Users Beware: Vulnerabilities Arise in Microsoft Office, Defender, and Edge-Experts
According to Naceri, Windows users should take precautionary measures in dealing with this flaw since it is more dangerous because it could ignore admin restrictions on the Windows installer.
Naceri wrote that the bug was not correctly fixed by the company. Upon analyzing the CVE-2021-41379 patch, he knew that this variant is deemed to be riskier than its version.
While there’s a solution that could fix the vulnerability, it’s still alarming for billions of Windows users since it could quickly spread from their systems. It’s even more dangerous since the newest operating systems such as Windows 10 and 11 could be the most affected among all Windows OS versions.
Still, the malware actors should first unlock physical access before starting their operation since this is not a remote exploit.
Microsoft Considers Flaw as Medium-Severity
Gizmodo reported on Wednesday, Nov. 23 that the tech giant considered the vulnerability under the medium severity category.
However, this is not the time to be relaxed in fixing it since Microsoft is indeed running out of time to solve this flaw, per Cisco’s Talos Security Intelligence and Research Group.
In the report, the company said that it was well-aware of the vulnerability in the Windows versions. It did not divulge any details about a particular timeline where it would issue a patch for the flaw.
Microsoft said that it will continue to seek solutions to keep its customers safe and protected. The firm assumed that an unknown attacker had access and the code to run the system.
Zero-Day Attacks Invaded Microsoft Office 365
Last September, Tech Times reported that Microsoft released a fix for the zero-day security flaw for Office 365 or 2019 . The malware spreads on Windows 10 through an Office document.
Read Also: Microsoft: Chinese Hackers Use Zero-Day to Exploit SolarWinds Software
This article is owned by Tech Times
Written by Joseph Henry
ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.