Microsoft’s PrintNightmare Emergency Patch Can Be Bypassed.

As we all know, the PrintNightmare bug has been a huge nightmare for IT admins and security teams. Luckily, Microsoft released emergency out-of-band patches to fix the vulnerability in its Print Spooler component, and it was party time for the entire technology world.

Guess what!!! The PrintNightmare patch can be bypassed (evil laugh).

Benjamin Delpy, the creator of the famous tool “Mimikatz” and responsible for managing R&D at Banque de France, has shared the reverse-engineered DLL … Read more

Microsoft Released the Patch For PrintNightmare vulnerability.

Microsoft has released the patch for the PrintNightmare vulnerability, which has really created a nightmare for organizations.

The update (KB5005010), which Microsoft released for the widely exploited vulnerability in the Print Spooler component, CVE-2021-34527, has created havoc in the IT industry.

After installing these updates, non-administrators are only allowed to install signed drivers on a print server; administrators, on the other hand, can install both signed and unsigned printer drivers on print servers.

Last … Read more

Microsoft confirms that the PrintNightmare vulnerability is being widely exploited.

Microsoft has confirmed that it has observed exploitation attempts targeting the Print Spooler bug, which is tracked as CVE-2021-34527. Cyberworkx accurately predicted this in our previous post.

Microsoft said: “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with … Read more

Another Remote Code Execution Vulnerability On Windows Print Spooler.

Microsoft has released a new advisory warning customers about another remote code execution vulnerability in its Windows Print Spooler component, which an attacker can take advantage of to run arbitrary code with SYSTEM-level privileges.

“A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new … Read more

Researcher Identifies New Print Spooler Arbitrary Code Execution Vulnerability in Windows.

During the current month, we have seen a chain of vulnerabilities detected in Microsoft’s Print Spooler component, along with their risks and impact (here, here, here).

CERT has released a detailed advisory on one more new vulnerability identified in Microsoft’s Print Spooler component.

Microsoft Windows allows for users who lack administrative privileges to still be able to install printer drivers, which execute with SYSTEM privileges via the Print Spooler service. Read more

Researcher from China Releases the POC Code for Critical Remote Code Execution Vulnerability.

A researcher with the Twitter handle RedDrip Team (QiAnXin) has released the first known PoC code for the critical remote code execution vulnerability CVE-2021-1675 in the Print Spooler component.

Print Spooler is a Microsoft component that manages the printing process: it retrieves the location of the correct printer driver, loads the driver, schedules the print job, and so on.

Luckily, Microsoft addressed this vulnerability as part of Patch Tuesday on June 8, 2021 (This patch … Read more