‘PrintNightmare’ Vulnerability Prompts Emergency Patch From Microsoft

Microsoft Issues Emergency Patch for 'PrintNightmare' Vulnerability | PCMag

PrintNightmare, the new critical vulnerability, was revealed last week when security researchers mistakenly published a proof-of-concept exploit code. Microsoft has released security updates to deal with the flaw, labeling it as critical.

The vulnerability allows attackers to remotely execute code with system-level privileges on any machine affected. Due to the Print Spooler service being a default service on Windows, Microsoft had to release patches for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1 as well as all Windows 10 versions. The severity of the issue is highlighted by the fact that Microsoft even had to release a patch for Windows 7 for the issue, even though Windows 7 support has ended.

Microsoft issued a 0-day alert fairly quickly for all Windows versions affected. The PrintNightmare vulnerability allows threat actors to install programs, modify existing data and even create new accounts with admin rights.

Microsoft said that they “recommend that you install these updates immediately,” and that “The security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as ‘PrintNightmare’, documented in CVE-2021-34527.”

As of the 7th of June, Microsoft has released an update that affects all versions of Windows still in support. Microsoft has released detailed steps to follow on how to install these updates:

“Microsoft recommends that you immediately install this update on all supported Windows client and server operating system, starting with devices that currently host the print server role,” they announced.

More Posts