Security News > 2021 > July > The PrintNightmare continues: Microsoft confirms presence of vulnerable code in all versions of Windows
Microsoft has assigned CVE-2021-34527 to the print spooler remote code execution vulnerability known as "PrintNightmare" and confirmed that the offending code is lurking in all versions of Windows.
The Windows giant also confirmed that the PrintNightmare vulnerability was being exploited in the wild.
"PrintNightmare" is well named, since it permits an attacker to run arbitrary code with SYSTEM privileges.
Mitigations suggested so far have included shutting down the Windows Print Spooler service on domain controllers not used for printing or yanking users from a pre-Windows 2000 legacy group.
Microsoft's own workarounds start with disabling the Print Spooler service and end with disabling inbound remote printing through group policy.
The former stops all printing, while the latter will at least allow local printing even if print server duties are left broken.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/07/02/printnightmare_cve/
Related news
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-02 | CVE-2021-34527 | Improper Privilege Management vulnerability in Microsoft products <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. | 0.0 |