All versions of Windows are affected by a new zero-day vulnerability after a failed earlier security patch — users need to be on the lookout for Microsoft to release a new one.
Details about a Windows Installer bug that a security patch earlier this month failed to fix, now with new and more serious vulnerabilities are discussed here by PC Mag. According to the article, all users can currently do is to wait for Microsoft:
Right now, there is no patch to fix this vulnerability and malware samples have been discovered in the wild. So it’s a known vulnerability and if it’s not being used already it will be pretty soon. Abdelhamid believes the only action users can take is to wait for Microsoft to release another security patch because of the complexity of the vulnerability, and “any attempt to patch the binary directly will break windows installer.”