Microsoft has actually launched the KB5004948 emergency situation security upgrade to resolve the Windows Print Spooler PrintNightmare vulnerability on all editions of Windows 10 1607 and Windows Server 2016. “An upgrade has actually now been launched for all impacted variations of Windows that are still in assistance,”Microsoft stated In the Windows message. The PrintNightmare bug tracked as CVE-2021-34527 allows assailants to take control of afflicted servers through remote code execution(RCE)with SYSTEM opportunities . Comprehensive actions on how to set up these out-of-band security updates are readily available in the assistance files connected listed below:”Microsoft suggests that you instantly install this upgrade on all supported Windows customer and server os, beginning with gadgets that presently host the print server function,”the business included.
“You likewise have the alternative to set up the RestrictDriverInstallationToAdministrators computer system registry setting to avoid non-administrators from setting up signed printer chauffeurs on a print server. For additional information, see KB5005010.”Microsoft’s PrintNightmare security spot is insufficient While Microsoft states these security updates deal with the PrintNightmare vulnerability, security scientists have actually found that the spot is insufficient and it can be bypassed to attain both remote code execution and regional opportunity escalation with the main repair set up.
0patch has actually launched totally free PrintNightmare micropatches on Friday that can sucessfully obstruct efforts to make use of the vulnerability. Windows users and admins are advised to do among the following till a working spot from Microsoft is launched: The Microsoft repair launched for current #PrintNightmare vulnerability addresses the remote vector-nevertheless the LPE variations still operate. These work out of package on Windows 7, 8, 8.1, 2008 and 2012 however need Point & Print set up for Windows 2016,2019,10 & 11(?). https://t.co/PRO3p99CFo– Hacker Fantastic (@hackerfantastic )July 6, 2021 CISA has actually likewise released an alert on the PrintNightmare zero-day recently motivating security experts to disable the Windows Print Spooler service on systems not utilized for printing. BleepingComputer has actually connected to Microsoft concerning these security updates however has not heard back at this time. Source