Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day

3 July 2021 [NO.TCSA : 20210703-1-1-P]

PUBLISHED:
3 July 2021

Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day

Microsoft has published a security advisory with guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. This remote code execution (RCE) flaw is assigned with CVE-2021-34527 and impacts all versions of Windows. Currently, there is no security patch for the vulnerability.

The exploitation requires a user account that has access to the spooler service. Successful exploitation may lead to complete take over of a domain controller in an enterprise setup. Microsoft released patch updates to similar but distinct from the vulnerability CVE-2021-1675 in June security updates.

Affected Versions

  • All versions of Windows

Mitigation

  • Apply the workaround described in Microsoft Advisory
  • Use security hardened systems in the enterprise environment with absolute minimum required services enabled and running
  • Test and apply security updates to enterprise systems regularly and effectively

More Information

9 March 2023 [NO.TCSA : 20230309-1-1-P]

A Critical Code Execution Flaw Found in FortiOS and FortiProxy Administrative Interfaces

READ MORE READ MORE
20 February 2023 [NO.TCSA : 20230220-1-1-P]

Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb

READ MORE READ MORE
16 January 2023 [NO.TCSA : 20230116-1-1-P]

Cacti Crisis: Severe Vulnerability Exploited in the Wild

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN