CISA Known Exploited Vulnerability

CVE-2021-41379 Ransomware

Microsoft · Windows

Microsoft Windows Installer Privilege Escalation Vulnerability

Date added 2022-03-03

BOD 22-01 due date 2022-03-17

CWE CWE-1386

Ransomware Known

CISA description

Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.

Apply updates per vendor instructions.

Vulnerability data triggers these controls during assessment and continuous monitoring.