Security News > 2021 > July > Microsoft struggles to wake from PrintNightmare: Latest print spooler patch can be bypassed, researchers say
So a RCE with #printnightmare on a fully patched server, with Point & Print enabled.
Mimikatz creator Benjamin Delpy, who is also responsible for the R&D Security Center at the Banque de France, shared a screenshot of a reversed-engineered Windows DLL with The Register and explained that the problem was down to how Microsoft was checking for remote libraries in its patch for PrintNightmare aka CVE-2021-34527.
Turning off the print spooler service on domain controllers and systems that do not print is the official guidance from Uncle Sam.
In short, disable the vulnerable the print spooler service on your Windows systems to prevent exploitation.
It may find itself having to push out a patch to patch the patch, in true Microsoft style.
Check the above link for the Registry keys and other requirements for what Microsoft says is a secure deployment - or just switch off print spooler and be done with it.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/07/07/printnightmare_fix_fail/
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-02 | CVE-2021-34527 | Improper Privilege Management vulnerability in Microsoft products <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. | 8.8 |