CVE-2021-41379: Microsoft Windows Installer Privilege Escalation

Microsoft Windows Installer Privilege Escalation Vulnerability. Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.

• CISA KEV-listed (remediation due 2022-03-17)
• used in ransomware campaigns
• EPSS 1.0% (77.7% percentile)

Detection rules

• InstallerFileTakeOver LPE CVE-2021-41379 File Create Event critical
• Potential CVE-2021-41379 Exploitation Attempt critical
• LPE InstallerFileTakeOver PoC CVE-2021-41379 high

Browse the CVE database

Read the full analysis on IntelFusions