Microsoft releases an emergency Out-of-Band update for PrintNightmare Zero-Day

7 July 2021 [NO.TCSA : 20210707-1-1-P]

PUBLISHED:
7 July 2021

Microsoft releases an emergency Out-of-Band update for PrintNightmare Zero-Day

Microsoft has released an emergency security update (KB5004945) to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch addresses only the remote code execution (RCE) flaw and the vulnerability can still be locally exploited (LPE) to gain SYSTEM privileges.

Affected Versions

All versions of Windows.

Mitigation

Security update addresses following Microsoft Operating Systems.

  • Windows Server 2019
  • Windows Server 2012 R2
  • Windows Server 2008
  • Windows 8.1
  • Windows RT 8.1
  • Windows 10 (versions 21H1, 20H2, 2004, 1909, 1809, 1803, and 1507)

Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft. TechCERT strongly advises administrators to test and install these out-of-band security updates immediately to address the PrintNightmare vulnerability. Those who cannot install these updates as soon as possible should check out the FAQ and Workaround sections in the CVE-2021-34527 security advisory for info on how to protect their systems from attacks exploiting this vulnerability.

More Information

21 April 2022 [NO.TCSA : 20220422-1-1-P]

A Critical Unauthenticated Remote Code Execution (RCE) Flaw Found in WSO2 API Manager, Identity Server & Enterprise Integrator

READ MORE READ MORE
19 April 2022 [NO.TCSA : 20220419-1-1-P]

Possible Increase of Intrusion Attempts on Sri Lankan Websites

READ MORE READ MORE
1 April 2022 [NO.TCSA : 20220401-1-1-P]

Spring4Shell – A Critical Remote Execution Found Spring Framework

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN