Security News
Microsoft has released an emergency fix for printing issues affecting Zebra and Dymo receipt or label printers caused by changes in the recently released KB5003690, KB5004760, and KB5004945 updates. Thursday night, Microsoft released an emergency fix for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1 to resolve these issues.
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to run arbitrary code on infected systems. "Several days ago, two security vulnerabilities were found in Microsoft Windows' existing printing mechanism," Yaniv Balmas, head of cyber research at Check Point, told The Hacker News.
Patches to fix a severe flaw in the Windows Print spooler are now available for Windows 10 Version 1607, Windows Server 2012 and Windows Server 2016. Microsoft has now released patches to protect all versions of Windows against the critical PrintNightmare flaw.
This week, PrintNightmare - Microsoft's Print Spooler vulnerability was upgraded from a 'Low' criticality to a 'Critical' criticality. Print Spooler in a nutshell: Print Spooler is Microsoft's service for managing and monitoring files printing.
Microsoft has released the KB5004948 emergency security update to address the Windows Print Spooler PrintNightmare vulnerability on all editions of Windows 10 1607 and Windows Server 2016. "An update has now been released for all affected versions of Windows that are still in support," Microsoft said in the Windows message center.
So a RCE with #printnightmare on a fully patched server, with Point & Print enabled. Mimikatz creator Benjamin Delpy, who is also responsible for the R&D Security Center at the Banque de France, shared a screenshot of a reversed-engineered Windows DLL with The Register and explained that the problem was down to how Microsoft was checking for remote libraries in its patch for PrintNightmare aka CVE-2021-34527.
Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed. "If you're using 0patch against PrintNightmare, DO NOT apply the July 6 Windows Update! Not only does it not fix the local attack vector but it also doesn't fix the remote vector. However, it changes localspl.dll, which makes our patches that DO fix the problem stop applying," tweeted the 0Patch service.
Microsoft on Tuesday issued an emergency software update to quash a security bug that's been dubbed "PrintNightmare," a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft's normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.
Fixing a serious security hole in the Windows Print spooler service, the patch is available for almost all versions of Windows, even Windows 7. Microsoft has deployed a patch for a vulnerability so critical that even older, unsupported versions of Windows are receiving it.
Microsoft has released an emergency patch for the PrintNightmare, a set of two critical remote code-execution vulnerabilities in the Windows Print Spooler service that hackers can use to take over an infected system. Microsoft on Tuesday released an out-of-band update for several versions of Windows to address CVE-2021-34527, the second of two bugs that were initially thought to be one flaw and which have been dubbed PrintNightmare by security researchers.