Security News > 2021 > July > Microsoft shares mitigations for Windows PrintNightmare zero-day bug
Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare.
In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.
At the moment, there are no security updates available to address the PrintNightmare zero-day, with Microsoft investigating the issue and working on a fix.
Microsoft also removed the confusion surrounding the bug by saying that "Similar but distinct from the vulnerability that is assigned CVE-2021-1675," which was patched in June.
In the second case, Microsoft says that "The system will no longer function as a print server, but local printing to a directly attached device will still be possible."
Until Microsoft releases PrintNightmare security updates, implementing the mitigations listed above is the easiest way to ensure that threat actors-and ransomware groups in particular-will not jump at the occasion to breach your network.
News URL
Related news
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Microsoft: April 2025 updates break Windows Hello on some PCs (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-08 | CVE-2021-1675 | Unspecified vulnerability in Microsoft products Windows Print Spooler Remote Code Execution Vulnerability | 0.0 |