Security News > 2021 > July > Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability
A proof-of-concept exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down.
The Windows maker addressed the vulnerability as part of its Patch Tuesday update on June 8, 2021.
"Either the attacker exploits the vulnerability by accessing the target system locally, or remotely; or the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability," Microsoft said in its advisory.
Things took a turn when Chinese security firm QiAnXin earlier this week disclosed it was able to find the "Right approaches" to leverage the flaw, thereby demonstrating a successful exploitation to achieve RCE. Although the researchers refrained from sharing additional technical specifics, Hong Kong-based cybersecurity company Sangfor published what's an independent deep-dive of the same vulnerability to GitHub, along with a fully working PoC code, where it remained publicly accessible before it was taken offline a few hours later.
"We deleted the PoC of PrintNightmare. To mitigate this vulnerability, please update Windows to the latest version, or disable the Spooler service," tweeted Sangfor's Principal Security Researcher Zhiniang Peng.
Update - There are now indications that the fix released by Microsoft for the critical remote code execution vulnerability in the Windows Print spooler service in June does not completely remediate the root cause of the bug, according to the CERT Coordination Center, raising the possibility that it's a zero-day flaw in need of a patch.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/RiE4TN0RrSs/researchers-leak-poc-exploit-for.html
Related news
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Patching problems: The “return” of a Windows Themes spoofing vulnerability (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)