• Skip to primary navigation
  • Skip to main content
nGuard

nGuard

Call us p. 704.583.4088
  • Solutions
    • Security Assessments
    • Compliance
    • Cyber Security Incidence Response
    • Penetration Testing
    • Managed Event Collection
    • Vulnerability Management
    • Red Teaming
    • Mobile Security
    • Cloud Security
  • Industries
    • Healthcare
    • Energy
    • Information Technology
    • Manufacturing
  • About Us
    • Our Company
    • Careers
    • Blog
  • Contact
Client PortalSpeak to An Expert

CVE-2021-41379

URGENT Windows Zero-Day | InstallerFileTakeover

Yesterday afternoon Bleeping Computer reported on a critical Windows zero-day affecting all flavors of Windows client and server operating systems. A flaw in Microsoft’s patch for CVE-2021-41379 led to a post-authentication privilege escalation vulnerability that allows an attacker to pivot from a standard user account to NT AUTHORITY\SYSTEM with ease. Considering that there is currently no patch, it is essential that organizations begin alerting on this before breaking for Thanksgiving. Inform yourself and your team by reviewing the materials below.

Resources:

  • Bleeping Computer Disclosure Article
  • Born’s Tech Additional Information
  • GitHub PoC Exploit Code
  • /r/cybersecurity Detection Information

Filed Under: Advisory, Compliance, Events, General, Products & Services, Vulnerabilities & Exploits Tagged With: CVE-2021-41379, InstallerFileTakeOver, Windows Zero Day

nGuard

nGuard

3540 Toringdon Way
Suite 200
Charlotte, NC 28277-4650

info@nGuard.com

Client Portal

Solutions

  • Security Assessments
  • Compliance
  • Cyber Security Incident Response
  • Penetration Testing
  • Managed Event Collection
  • nGuard Vulnerability Management
  • Mobile Security
  • Cloud Security

Industries

  • Energy
  • Healthcare
  • Manufacturing
  • Information Technology

About Us

  • Our Company
  • Careers
  • Blog

© 2023 nGuard. All rights reserved.

  • Privacy Policy