Security News > 2021 > June > PrintNightmare, the zero-day hole in Windows – here’s what to do

PrintNightmare, the zero-day hole in Windows – here’s what to do
2021-06-30 21:24

For details about the emergency patch released by Microsoft on 2021-07-06,please see: PrintNightmare official patch is out - update now!

You'll also hear and see the flaw referred to as the Print Spooler bug, based on the headline on Microsoft's security update guide that describes the flaw as a Windows Print Spooler Vulnerability.

The bug was initially documented by Microsoft as opening up an EoP hole in pretty much every supported Windows version, all the way from Windows 7 SP1 to Server 2019.

On 21 June 2021, Microsoft upgraded the CVE-2021-1675 security update page to admit that the bug could be used for RCE as well, making it a more serious vulnerability than an EoP-only hole.

It's a Windows Print Spooler Remote Code Execution Vulnerability, just like CVE-2021-1675, but it's not prevented by the latest Patch Tuesday update.

Microsoft released an emergency patch on 2021-07-06,described here: PrintNightmare official patch is out - update now!


News URL

https://nakedsecurity.sophos.com/2021/06/30/printnightmare-the-zero-day-hole-in-windows-heres-what-to-do/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-1675 Unspecified vulnerability in Microsoft products
Windows Print Spooler Remote Code Execution Vulnerability 		0.0
0.0