Security News

Microsoft on Thursday officially confirmed that the "PrintNightmare" remote code execution vulnerability affecting Windows Print Spooler is different from the issue the company addressed as part of its Patch Tuesday update released earlier this month, while warning that it has detected exploitation attempts targeting the flaw. "A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," Microsoft said in its advisory.

The US House Committee on the Judiciary met on Wednesday to hear testimony on the government's practice of secretly subpoenaing cloud service providers, and Microsoft was happy to oblige. Tom Burt, Microsoft's veep of customer security & trust, testified as a representative of cloud service providers.

Microsoft has told Azure users to update PowerShell - if they are using versions 7.0 or 7.1 - to address a remote code execution vulnerability patched earlier this year. The tech giant has advised customers who manage their Azure resources using affected versions of the PowerShell task automation solution to update to versions 7.0.6 or 7.1.3.

Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks. Microsoft's confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines.

NET Core remote code execution vulnerability in PowerShell 7 caused by how text encoding is performed in. PowerShell provides a command-line shell, a framework, and a scripting language focused on automation for processing PowerShell cmdlets.

Microsoft has assigned CVE-2021-34527 to the print spooler remote code execution vulnerability known as "PrintNightmare" and confirmed that the offending code is lurking in all versions of Windows. The Windows giant also confirmed that the PrintNightmare vulnerability was being exploited in the wild.

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

The Dell SupportAssist RCE furore has rumbled on after infosec outfit Eclypsium snapped back at Microsoft's statement on the matter. The issue is a set of four vulnerabilities in Dell's SupportAssist remote firmware update utility that could have permitted arbitrary code to be run on a variety of PCs. The advisory was published last week, and Dell had worked with Eclypsium from March, well ahead of the public disclosure.

Netgear has patched serious security vulnerabilities in its DGN2200v1 network router, following the discovery of "Very odd behaviour" by a Microsoft security research team - a somewhat understated way of saying that attackers can gain "Complete control over the router." As a result, it's possible for remote attackers to take over the router at any time - as discovered by members of the Microsoft 365 Defender Research Team.

Netgear has patched serious security vulnerabilities in its DGN2200v1 network router, following the discovery of "Very odd behaviour" by a Microsoft security research team - a somewhat understated way of saying that attackers can gain "Complete control over the router." As a result, it's possible for remote attackers to take over the router at any time - as discovered by members of the Microsoft 365 Defender Research Team.