Unsolved
10 Elder
•
44.4K Posts
0
647
"PrintNightmare" Zero-Day Security Hole
There’s a critical Windows bug that’s known by three different names and listed variously as having three different levels of severity.
On 21 June 2021, Microsoft upgraded CVE-2021-1675 security update to admit this bug could be used for RCE (remote code execution), making it an even more serious vulnerability than its previous rating as an EoP-only hole.
There’s no official patch yet even after applying the June'21 updates, but those patches will be necessary along with the one(s) to be developed to close the hole completely.
For now, there is a work-around. Read here and see if the work-around is appropriate for your setup and network. If you apply the work-around, you should undo it when an official patch becomes available from Microsoft.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
July 7th, 2021 03:00
Microsoft Releases Out-of-Band Security Updates for PrintNightmare | CISA
Security Update Guide - Loading - Microsoft
Available via Windows updates. For Win10 20H1, the KB# is 5004945. My Windows update automatically found and started downloading/installing it.
joe53
2 Intern
2 Intern
•
5.8K Posts
0
July 7th, 2021 18:00
Good info.
Just to note for those folks, who like me, have their settings configured to delay updates' installation, this out-of-band update bypasses this delay, and downloads this critical cumulative update automatically. I only had to restart my Win 10 systems to install.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
July 8th, 2021 04:00
Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability | Ars Technica
An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice, researchers said...
Despite Tuesday’s out-of-band patch being incomplete, it still provides meaningful protection against many types of attacks that exploit the print spooler vulnerability. So far, there are no known cases of researchers saying it puts systems at risk. Unless that changes, Windows users should install both the patch from June and Tuesday and await further instructions from Microsoft.
RoHe
10 Elder
10 Elder
•
44.4K Posts
0
July 8th, 2021 11:00
@ky331 Thanks for the latest update.
Guess this is what happens when they try to rush things...
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
July 9th, 2021 04:00
Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability – Microsoft Security Response Center
Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.