Security News

Administrators are urged to apply the latest patches from Microsoft and disable the Windows Print spooler service in domain controllers and systems not used for printing. Microsoft is grappling with a couple of security holes in its Windows Print spooler service that could allow attackers to remotely control an affected system.

Fixing a serious security hole in the Windows Print spooler service, the patch is available for almost all versions of Windows, even Windows 7. Microsoft has deployed a patch for a vulnerability so critical that even older, unsupported versions of Windows are receiving it.

Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The survey of over 2,000 respondents from across the United States found that end users are not paying attention to the major attacks plaguing operational technology and critical infrastructure across the country, signaling the importance of businesses prioritizing a focus on security as employees return to the office.

Microsoft late Tuesday pushed out an emergency patch to cover the Windows 'PrintNightmare' security flaw. The issue caused major headaches in security research circles because the exploit targets CVE-2021-1675, a vulnerability that was patched by Microsoft on June 8 and originally misdiagnosed as a low-risk privilege escalation issue.

Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability - known as "PrintNightmare" - that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. "The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system," the CERT Coordination Center said of the issue.

Taiwan-based network-attached storage maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP's disaster recovery and data backup solution.

Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected exploitation attempts targeting the flaw. "A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," Microsoft said in its advisory.

NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in. PowerShell provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets.

A proof-of-concept exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. The Windows maker addressed the vulnerability as part of its Patch Tuesday update on June 8, 2021.

Security researchers at Microsoft are flagging multiple gaping security holes in firmware shipped on NETGEAR routers, warning that exploitation could lead to identity theft and full system compromise. The three vulnerabilities, rated critical by NETGEAR, affect the firmware on NETGEAR DGN-2200v1 series routers.