Patch Windows AppX Installer Spoofing Vulnerability (CVE-2021-43890)

Brenda Gratas October 13, 2022
- 3 min read

A critical vulnerability by the name of CVE-2021-43890 has emerged, posing a significant threat to Windows 10 systems. This security flaw in the Windows AppX Installer can lead to potential data breaches or take control of your system. 

In this blog post, we’ll provide a comprehensive overview of CVE-2021-43890, its potential risks, the available fix, and how InvGate Insight simplifies the process of identifying vulnerable devices and Patch Management.

Don't miss out on this critical information! Continue reading to stay informed about CVE-2021-43890 and take proactive measures to protect your systems and sensitive data. 

About CVE-2021-43890

CVE-2021-43890 is a spoofing vulnerability in the Windows AppX Installer, which is used to install AppX apps on Windows 10 systems. This vulnerability allows an attacker to trick a user into installing a malicious AppX app that appears to be from a trusted source.

CVE-2021-43890 has been exploited in the wild by the Emotet/TrickBot/Bazaloader family of malware. 

How does CVE-2021-43890 work?

The vulnerability is caused by a failure in the Windows AppX Installer to validate the authenticity of AppX packages properly. This allows an attacker to create a malicious AppX package that appears to be from a trusted source, such as Microsoft. When the user installs the malicious AppX package, it will execute the attacker's code.

What are CVE-2021-43890 risks?

An attacker could trick you into installing a malicious AppX app that appears to be from a trusted source. This malicious app could then execute the attacker's code on your system, allowing them to steal your personal information, such as your passwords, credit card numbers, and other sensitive data. It could also damage or take control of your system.

Is CVE-2021-43890 fixed?

Yes, Microsoft has released a patch for CVE-2021-43890. To install it, users should install the latest security updates for Windows 10. 

How to find devices exposed to CVE-2021-43890

With InvGate Insight, you can quickly detect devices that are impacted by the CVE-2021-43890 vulnerability. Follow these instructions to proceed with the identification process efficiently:

  1. Open InvGate Insight and go to the Explorer tab.
  2. Type in the Search bar “Software name, is:Microsoft Windows” to filter all Windows devices.
  3. Add another filter to the Search bar to see all devices missing the security patch. To do that, add the following filter: “Reported version, is not:” and paste Microsoft’s patched version (Windows 10 version 22H2, released on October 18, 2022).

Use InvGate Insight to find devices exposed to CVE-2021-43890

The bottom line

In summary, CVE-2021-43890 is a spoofing vulnerability in the Windows AppX Installer that can lead to potential data breaches or take control of your system. Microsoft has addressed this issue with a patch, which users should install by updating their Windows 10 systems. 

InvGate Insight simplifies the process of identifying devices that still lack the security patch, making it easier for organizations to manage their patching efforts. Request a 30-day free trial and try it for yourself.

Read other articles like this : vulnerabilities

Read other articles like this:

Evaluate InvGate as Your ITSM Solution

30-day free trial - No credit card needed

Service Desk
IT Service Management AI ITSM Enterprise Service Management Ticket Management Self-Service Workflows
ITAM
IT Asset Management Asset Inventory CMDB Network Discovery Metering
Learn
ITSM ITIL ESM SLAs Help Desks Ticket Volume
InvGate
AI Hub About Us Why InvGate? Partners Careers Contact Us Leave a Review
Compare With
Jira Service Now Clarity Freshservice Manage Engine Other Alternatives
Privacy Policy Quality Policy Cookie Policy Terms and Conditions Solutions Terms and Conditions © InvGate