Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day
3 July 2021 [NO.TCSA : 20210703-1-1-P]
PUBLISHED:
3 July 2021
Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day
Microsoft has published a security advisory with guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. This remote code execution (RCE) flaw is assigned with CVE-2021-34527 and impacts all versions of Windows. Currently, there is no security patch for the vulnerability.
The exploitation requires a user account that has access to the spooler service. Successful exploitation may lead to complete take over of a domain controller in an enterprise setup. Microsoft released patch updates to similar but distinct from the vulnerability CVE-2021-1675 in June security updates.
Affected Versions
Mitigation
- Apply the workaround described in Microsoft Advisory
- Use security hardened systems in the enterprise environment with absolute minimum required services enabled and running
- Test and apply security updates to enterprise systems regularly and effectively
More Information
13 July 2023 [NO.TCSA : 20230713-1-1-P]
Fortinet Patches Critical Remote Code Execution Vulnerability in FortiOS/FortiProxy
READ MORE
23 June 2023 [NO.TCSA : 20230623-1-1-P]
WSO2 Releases Patches for Vulnerabilities in API Manager, Identity Server, and Other Products
READ MORE
12 June 2023 [NO.TCSA : 20230612-1-1-P]
Fortinet Releases Urgent Patches for Critical Pre-Authentication RCE Vulnerability in Fortigate SSL-VPN Devices
READ MORE