Microsoft Urges Users to Patch 'PrintNightmare' Zero-Day Vulnerability
Microsoft has recently addressed a critical vulnerability, dubbed 'PrintNightmare', affecting all Windows servers and clients. Discovered by Tencent's Security Team, this zero-day exploit allows authenticated users to gain full SYSTEM-level privileges, posing a significant threat to Windows systems.
On June 29, 2021, the vulnerability was observed in the wild, prompting Microsoft 365 to release workarounds on the same day. These included disabling the Print Spooler service or restricting inbound remote printing via Group Policy. Just a week later, on July 6, Microsoft 365 issued patches to address the PrintNightmare zero-day vulnerabilities, including CVE-2021-34527.
To manage this vulnerability, Qualys offers its VMDR platform. It can identify, detect, prioritize, and remediate the issue. Additionally, a trial of Qualys VMDR is available to automatically identify and patch the critical PrintNightmare vulnerability (CVE-2021-34527). Qualys Policy Compliance can also evaluate the status of the 'Print Spooler' service and the Point and Print restriction settings.
Following the patches, security researchers found that the fixes were incomplete, and threat actors could still exploit a local privilege escalation vulnerability. Microsoft confirmed this on July 1, 2021, linking the zero-day to CVE-2021-34527 and classifying it as a Remote Code Execution (RCE) vulnerability. Users are urged to apply the patches and implement the recommended workarounds to mitigate the risk posed by PrintNightmare.
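The two workarounds and the Point and Print check described above can be audited locally with a read-only script like the following. This is an added example, not code from Microsoft or Qualys; the registry value names are assumed from Microsoft's published guidance for CVE-2021-34527 and do not appear in this article.

```powershell
# Added example: read-only audit of PrintNightmare workaround state on the local host.
# Assumption: registry value names follow Microsoft's guidance for CVE-2021-34527.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns the value, or $null when the key or value is not defined.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$printers = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
$pnp      = Join-Path $printers 'PointAndPrint'

# Workaround 1: Print Spooler service stopped and disabled.
$spooler    = Get-Service -Name Spooler -ErrorAction SilentlyContinue
$spoolerOff = (-not $spooler) -or
              ($spooler.Status -eq 'Stopped' -and $spooler.StartType -eq 'Disabled')

# Workaround 2: inbound remote printing blocked by Group Policy
# ("Allow Print Spooler to accept client connections" = Disabled -> value 2).
$rpc       = Get-RegValue -Path $printers -Name 'RegisterSpoolerRemoteRpcEndPoint'
$remoteOff = ($rpc -eq 2)

# Point and Print restrictions: both values must be 0 or not defined,
# otherwise driver installs can skip the elevation prompt.
$noWarn  = Get-RegValue -Path $pnp -Name 'NoWarningNoElevationOnInstall'
$update  = Get-RegValue -Path $pnp -Name 'UpdatePromptSettings'
$pnpSafe = (($null -eq $noWarn) -or ($noWarn -eq 0)) -and
           (($null -eq $update) -or ($update -eq 0))

[pscustomobject]@{
    Computer                 = $env:COMPUTERNAME
    SpoolerStatus            = if ($spooler) { $spooler.Status } else { 'NotInstalled' }
    SpoolerStartType         = if ($spooler) { $spooler.StartType } else { 'n/a' }
    SpoolerDisabled          = $spoolerOff
    InboundRemotePrintingOff = $remoteOff
    PointAndPrintRestricted  = $pnpSafe
    # A host is covered by a workaround if either one is in place; the
    # Point and Print check matters on hosts that keep the spooler running.
    WorkaroundInPlace        = ($spoolerOff -or $remoteOff)
}
```

The script changes nothing on the host and does not check patch level, so a `WorkaroundInPlace` value of `False` on a machine that must print means the July 6 update and the Point and Print settings are the controls to verify.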