Security News

The PrintNightmare continues: Microsoft confirms presence of vulnerable code in all versions of Windows
2021-07-02 13:01

Microsoft has assigned CVE-2021-34527 to the print spooler remote code execution vulnerability known as "PrintNightmare" and confirmed that the offending code is lurking in all versions of Windows. The Windows giant also confirmed that the PrintNightmare vulnerability was being exploited in the wild.

Microsoft shares mitigations for Windows PrintNightmare zero-day bug
2021-07-02 06:56

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

PrintNightmare: Kicking users from Pre-Windows 2000 legacy group may thwart domain controller exploitation
2021-07-01 23:34

Another potential mitigation has emerged for the PrintNightmare zero-day vuln, which lets low-privileged users execute code as SYSTEM on Windows domain controllers: remove those people from a backwards-compatibility group. While the patch for CVE-2021-1675 also protects against PrintNightmare on most Windows devices, it didn't do so for domain controllers, which caused some puzzlement among security researchers.

Researchers Leak PoC Exploit for a Critical Windows RCE Vulnerability
2021-07-01 21:15

A proof-of-concept exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. The Windows maker addressed the vulnerability as part of its Patch Tuesday update on June 8, 2021.

CISA: Disable Windows Print Spooler on servers not used for printing
2021-07-01 16:09

The Cybersecurity and Infrastructure Security Agency has issued a notification regarding the critical PrintNightmare zero-day vulnerability and advises admins to disable the Windows Print Spooler service on servers not used for printing. "CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print," the US federal agency said.

PrintNightmare, the zero-day hole in Windows –  here’s what to do
2021-06-30 21:24

For details about the emergency patch released by Microsoft on 2021-07-06,please see: PrintNightmare official patch is out - update now! You'll also hear and see the flaw referred to as the Print Spooler bug, based on the headline on Microsoft's security update guide that describes the flaw as a Windows Print Spooler Vulnerability.

Windows 11 makes TPM Diagnostics tool its first optional feature
2021-06-30 19:43

Windows 11 comes with a new optional feature called 'TPM Diagnostics' that allows administrators to query the data stored on a device's TPM security processor. "TPM 2.0 is a critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data. In addition, for many enterprise customers, TPMs help facilitate Zero Trust security by providing a secure element for attesting to the health of devices."

Public Windows PrintNightmare 0-day exploit allows domain takeover
2021-06-30 17:20

Update: Microsoft acknowledged PrintNightmare as a zero-day that has been affecting all Windows versions since before June 2021 security updates. Technical details and a proof-of-concept exploit have been accidentally leaked for a currently unpatched vulnerability in Windows that allows remote code execution.

PoC Exploit Circulating for Critical Windows Print Spooler Bug
2021-06-30 16:02

UPDATE. A proof-of-concept for a critical Windows security vulnerability that allows remote code execution was dropped on GitHub on Tuesday - and while it was taken back down within a few hours, the code was copied and is still out there circulating on the platform. The bug exists in the Windows Print Spooler and has been dubbed "PrintNightmare" by researchers.

Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller
2021-06-30 15:19

An infosec firm accidentally published a proof-of-concept exploit for a critical Windows print spooler vulnerability that can be abused by rogue users to compromise Active Directory domain controllers. This security hole could be exploited by a normal user to execute code as an administrator on a system running the print spooler service.