Free

CVE Series: InstallerFileTakeOver (CVE-2021-41379)

InstallerFileTakeOver (CVE-2021-36934) is a Windows elevation of privilege vulnerability that emerged in late 2021 and could allow a threat actor to acquire elevated SYSTEM-level access. You will exploit this vulnerability in a virtual lab environment and learn how to mitigate it so you can protect your organization.
1
35
M
Time
intermediate
difficulty
1
ceu/cpe

Course Content

Installer Exploit Introduction and Background

10m

InstallerFileTakeOver Exploitation
Root Cause and Detection Options

5m

InstallerFileTakeOver Mitigation
Installer Exploit Summary

5m

InstallerFileTakeOver Mitigation
Exploiting CVE-2021-41379 (Lab)

0m

InstallerFileTakeOver Exploitation
Course Description

Who should take this course?

Our InstallerFileTakeOver course is designed for an intermediate-level learner, someone who is a seasoned offensive security professional, SOC analyst, or Windows system administrator who wants to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

What are the prerequisites for this course?

You will gain the most benefit from this course if you have a functional understanding of Windows as an operating system, including core Windows components such as DACLs and named pipes.

Why should I take this course?

The InstallerFileTakeOver (CVE-2021-36934) is a Windows elevation of privilege vulnerability that could allow a threat actor to acquire elevated SYSTEM-level access. Our course shows you how to exploit and mitigate this vulnerability in a secure lab environment, giving you the skills you need to protect your organization.

What makes this course different from other courses on similar topics?

This course specifically covers a critical vulnerability that could affect your organization. Matt Mullins is a seasoned professional in offensive security with over a decade of experience where he has worked in medical, financial, and government spaces. Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.

Why should I take this course on Cybrary and not somewhere else?

Our InstallerFileTakeOver course enables you to learn from one of the foremost experts in the field and ensures your readiness to recognize and mitigate this CVE. Defenders will know how to protect their organization against this vulnerability. Offensive teams will be able to exploit this vulnerability. Our on-demand format affords you the flexibility to learn at your own pace.

This course is part of a Career Path:
No items found.

Instructed by

Senior Instructor
Matthew Mullins

Matt has led multiple Red Team engagements, ranging from a few weeks to a year and covering multiple security domains. Outside of Red Teaming, Matt is also a seasoned penetration tester with interests in: AppSec, OSINT, Hardware, Wifi, Social Engineering, and Physical Security. Matt has a Master's degree in Information Assurance and an exhaustive number of certifications ranging from frameworks, management, and hands-on hacking. Matt is a Technical SME at Cybrary, focusing on Adversarial Emulation and Red Teaming for course content.

Provider
Cybrary Logo
Certification Body
Certificate of Completion

Complete this entire course to earn a CVE Series: InstallerFileTakeOver (CVE-2021-41379) Certificate of Completion