Tag Archives: PrintNightmare

Microsoft Releases Fix to PrintNightmare

“Out-of-Band (OOB) Security Update available for CVE-2021-34527” via Microsoft Security Response Center

“Today Microsoft released an Out-of-Band (OOB) security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. The fix that we released today fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections.”

More detail: https://msrc-blog.microsoft.com/2021/07/06/out-of-band-oob-security-update-available-for-cve-2021-34527/

Microsoft Gives Guidance to Mitigate PrintNightmare

“Microsoft shares mitigations for Windows PrintNightmare zero-day bug” via Sergiu Gatlan

“Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare.

This remote code execution (RCE) bug—now tracked as CVE-2021-34527—impacts all versions of Windows per Microsoft, with the company still investigating if the vulnerability is exploitable on all of them.

CVE-2021-34527 allows attackers to take over affected servers via remote code execution with SYSTEM privileges as it enables them to install programs, view, change, or delete data, and create new accounts with full user rights”

For more detail: https://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/