Skip to content

Microsoft releases security update to patch PrintNightmare vulnerability

Microsoft has released an out-of-band security update for the Windows Print Spooler vulnerability, known as PrintNightmare, that was uncovered last week.

The vulnerability (CVE-2021-34527) impacts the Windows Print Spooler service, which would allow remote code execution and a potential takeover of the system by an attacker. The emergency security update will fix the critical vulnerability. It is a cumulative update release and contains previous security fixes too.

The vulnerability was discovered after a group of researchers from Sangfor, a Chinese software company, accidentally published a proof-of-concept exploit on Github on June 29. Although the test code was removed from Github in a few hours, it was assumed that the code would allow cybercriminals to exploit the Print Spooler vulnerability and execute code with system-level privileges remotely.

Once the attacker has control over a vulnerable machine, they could install programs, modify data and create new accounts.

Microsoft identified the vulnerability and issued an alert about the 0-day on June 2. The security patch started rolling out on June 6.

Microsoft recommends that the update should be installed immediately. The update also includes a new feature that would allow people to “implement stronger protections” by restricting the installation of new printer drivers.

The security update will not be available to all Windows versions. The patch for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 isn’t ready yet.

For those stuck without a security patch for the time being, here is a workaround to mitigate the vulnerability.

The options mainly revolve around disabling the Windows Print Spooler service or disabling inbound remote printing through the Group Policy Editor to remove the remote attack vector. In this case, your system will not function as a print server, but you’ll still be able to print locally from a device attached to your PC.

Windows PrintNightmare vulnerability is being actively exploited

“Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527..”

MSRC

In the News: Nintendo Switch OLED will be available for $350 starting October 8

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. If you're running an Adblocker, we humbly request you to whitelist us.

Share on facebook
Share on whatsapp
Share on twitter
Share on reddit
Share on linkedin
Share on pocket
Share on pinterest
Share on telegram
Share on stumbleupon
Share on digg
Share on tumblr
Share on email
Share on skype
Share on xing
Share on vk
Share on odnoklassniki
Share on mix








>