Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day

3 July 2021 [NO.TCSA : 20210703-1-1-P]

PUBLISHED:
3 July 2021

Microsoft Publishes Mitigations for Windows PrintNightmare Zero-Day

Microsoft has published a security advisory with guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. This remote code execution (RCE) flaw is assigned with CVE-2021-34527 and impacts all versions of Windows. Currently, there is no security patch for the vulnerability.

The exploitation requires a user account that has access to the spooler service. Successful exploitation may lead to complete take over of a domain controller in an enterprise setup. Microsoft released patch updates to similar but distinct from the vulnerability CVE-2021-1675 in June security updates.

Affected Versions

  • All versions of Windows

Mitigation

  • Apply the workaround described in Microsoft Advisory
  • Use security hardened systems in the enterprise environment with absolute minimum required services enabled and running
  • Test and apply security updates to enterprise systems regularly and effectively

More Information

13 July 2023 [NO.TCSA : 20230713-1-1-P]

Fortinet Patches Critical Remote Code Execution Vulnerability in FortiOS/FortiProxy

READ MORE READ MORE
23 June 2023 [NO.TCSA : 20230623-1-1-P]

WSO2 Releases Patches for Vulnerabilities in API Manager, Identity Server, and Other Products

READ MORE READ MORE
12 June 2023 [NO.TCSA : 20230612-1-1-P]

Fortinet Releases Urgent Patches for Critical Pre-Authentication RCE Vulnerability in Fortigate SSL-VPN Devices

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN