A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable.

What’s more, it is already being leveraged by malware developers.

About the flaw and the exploit

Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day Initiative, has analyzed the patch for CVE-2021-41379 and found that the bug was “not fixed correctly.”