Microsoft has released the patch for the printNightMare vulnerability which has really created a Nightmare for the organizations.
The update(KB5005010) which was released by Microsoft for the wildly exploited vulnerability on printspooler component with CVE-2021-34527 has created a havoc in the IT industry .
After installing these updates, non-administrators are only allowed to install signed drivers to a print servers, on the other case, an administrators can install both the signed and unsigned printer drivers to the print servers.
Last week we had seen Carnegie Mellon has released a paper about this vulnerability stating “Microsoft Windows Print Spooler service fails to restrict access to the RpcAddPrinterDriverEx() function, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system”.
Microsoft has released updates to protect against CVE-2021-34527. Please see: https://t.co/QZATXCPXnx— Security Response (@msftsecresponse) July 6, 2021
“UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.” reads the update.
Cyberworkx readers can check for below temporary fix that can be applied if the patch needs to be test in UAT Environment before the installation in production servers.
–-For more Cyber security news in crisp content . Please follow our site via twitter handle @cyberworkx1