Microsoft releases an emergency Out-of-Band update for PrintNightmare Zero-Day

7 July 2021 [NO.TCSA : 20210707-1-1-P]

PUBLISHED:
7 July 2021

Microsoft releases an emergency Out-of-Band update for PrintNightmare Zero-Day

Microsoft has released an emergency security update (KB5004945) to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch addresses only the remote code execution (RCE) flaw and the vulnerability can still be locally exploited (LPE) to gain SYSTEM privileges.

Affected Versions

All versions of Windows.

Mitigation

Security update addresses following Microsoft Operating Systems.

  • Windows Server 2019
  • Windows Server 2012 R2
  • Windows Server 2008
  • Windows 8.1
  • Windows RT 8.1
  • Windows 10 (versions 21H1, 20H2, 2004, 1909, 1809, 1803, and 1507)

Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft. TechCERT strongly advises administrators to test and install these out-of-band security updates immediately to address the PrintNightmare vulnerability. Those who cannot install these updates as soon as possible should check out the FAQ and Workaround sections in the CVE-2021-34527 security advisory for info on how to protect their systems from attacks exploiting this vulnerability.

More Information

16 April 2024 [NO.TCSA : 20240416-1-1-P]

Critical Command Injection Vulnerability Found in Palo Alto Networks GlobalProtect

READ MORE READ MORE
9 February 2024 [NO.TCSA : 20240209-1-1-P]

Critical Remote Code Execution Vulnerability Found in FortiOS SSL VPN

READ MORE READ MORE
13 July 2023 [NO.TCSA : 20230713-1-1-P]

Fortinet Patches Critical Remote Code Execution Vulnerability in FortiOS/FortiProxy

READ MORE READ MORE
Read More BACK TO THREAT BULLETIN