Security News > 2021 > July > Microsoft shares mitigations for Windows PrintNightmare zero-day bug

Microsoft shares mitigations for Windows PrintNightmare zero-day bug
2021-07-02 06:56

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare.

In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

At the moment, there are no security updates available to address the PrintNightmare zero-day, with Microsoft investigating the issue and working on a fix.

Microsoft also removed the confusion surrounding the bug by saying that "Similar but distinct from the vulnerability that is assigned CVE-2021-1675," which was patched in June.

In the second case, Microsoft says that "The system will no longer function as a print server, but local printing to a directly attached device will still be possible."

Until Microsoft releases PrintNightmare security updates, implementing the mitigations listed above is the easiest way to ensure that threat actors-and ransomware groups in particular-will not jump at the occasion to breach your network.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-shares-mitigations-for-windows-printnightmare-zero-day-bug/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-1675 Unspecified vulnerability in Microsoft products
Windows Print Spooler Remote Code Execution Vulnerability
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399