Microsoft has released an out-of-band security update to patch a critical vulnerability that could enable threat actors to remotely take over vulnerable systems by exploiting weaknesses in the Windows printer service.
PrintNightmare created havoc when it was accidentally disclosed by Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched by Microsoft.
The confusion was the result of Microsoft merging two bugs into one security indicator (CVE-2021-1675) and then addressing only the less critical of the two issues in the patch released in June.
- Here’s our recommendations for the best small business printers
- We've put together a list of the best endpoint protection software
- Check our list of the best firewall apps and services
In any case, Microsoft has just patched the second RCE vulnerability as well, which is now tracked separately as CVE-2021-34527.
The PrintNightmare vulnerability exists in the Print Spooler, which is used to manage printers or print servers, and is enabled by default on all Windows machines and the service.
Exploiting the vulnerability, an attacker could remotely execute code on a vulnerable system and elevate any low privileged user account to that of an administrator.
Microsoft has put out different patches to address the PrintNightmare vulnerability for a wide array of Windows releases, from the old Windows 7 and Windows Server 2008 versions, up to the latest Windows 10 and Windows Server 2019.
However, cybersecurity researcher Kevin Beaumont has expressed doubts on the efficacy of the patches, particularly on Windows Server 2012 R2. He says according to his analysis of the patches, they fix the RCE vulnerability, but fail to address the local privilege escalation bug “on some OSes in default config.”
- Protect your devices with these best antivirus software
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Dell ships new convertible laptop with a puzzling CPU that had 'people scratching their heads' — 9W Core Ultra U7-164U is probably Intel's most interesting laptop processor right now
Samsung finally launches its very first 1TB microSD card — but it hasn't gone on sale yet, so make sure you don't buy fake Evo Plus cards