Security News

Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability - known as "PrintNightmare" - that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. "The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system," the CERT Coordination Center said of the issue.

Windows 11 preview is now available for Windows Insiders and it will begin rolling out to the mainstream audience later this year. In addition to redesigned Start Menu and rounded corners, Windows 11 also comes with a new File Explorer and Settings app.

Microsoft is working to fix a known issue blocking Azure Virtual Desktops devices from downloading downloading and installing recent security updates via Windows Server Update Services. "We are investigating an issue where devices running Windows 10 Enterprise multi-session, version 1909 might not be able to download updates later than May 2021," Microsoft says in the Windows Health Dashboard.

PoC for critical Windows Print Spooler flaw leakedMicrosoft has confirmed that the so-called PrintNightmare vulnerability is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day. Cisco security devices targeted with CVE-2020-3580 PoC exploitAttackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.

Windows 11 may soon switch to a Black Screen of Death for operating system crash screens rather than the blue screen that has been used for many years. All Windows users have at one point experienced a Blue Screen of Death screen, also known as a BSOD, when the operating system crashes due to a hardware conflict or software bug.

Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. If your processor is old enough that it does not have one built-in fTPM, your motherboard's module will likely be TPM 1.2, which is not compatible with Windows 11.

Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks. Microsoft's confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines.

Microsoft has assigned CVE-2021-34527 to the print spooler remote code execution vulnerability known as "PrintNightmare" and confirmed that the offending code is lurking in all versions of Windows. The Windows giant also confirmed that the PrintNightmare vulnerability was being exploited in the wild.

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

Another potential mitigation has emerged for the PrintNightmare zero-day vuln, which lets low-privileged users execute code as SYSTEM on Windows domain controllers: remove those people from a backwards-compatibility group. While the patch for CVE-2021-1675 also protects against PrintNightmare on most Windows devices, it didn't do so for domain controllers, which caused some puzzlement among security researchers.