Articles Unofficial patch for PrintNightmare vulnerability

Unofficial patch for PrintNightmare vulnerability


Last week, we reported  that a PoC exploit appeared on the network for the dangerous vulnerability CVE-2021-34527 in Windows Print Spooler (spoolsv.exe), which the researchers named PrintNightmare. The problem affects all versions of Windows, can even affect XP and Vista, and helps remotely execute arbitrary code with SYSTEM privileges, which allows an attacker to install programs, view, modify or delete data, and create new accounts with user rights.

There is no patch for this vulnerability yet, and Microsoft experts reported that the problem is already being exploited in real life, although the company did not specify whether this is being done by cybercriminals or information security researchers.

Microsoft engineers offered administrators several solutions to the problem. For example, it is recommended to disable Print Spooler altogether by blocking printing locally and remotely. It is also possible to disable incoming remote printing through Group Policy, which will block the main vector of potential attacks. In the second case, “the system will no longer function as a print server, but local printing from directly connected devices will still be possible.”

Now a third option has appeared: the experts involved in the development of the 0patch solution have  prepared temporary patches (or micro-patches) for this problem. Let me remind you that 0patch is a platform designed just for such situations, that is, fixing 0-day and other unpatched vulnerabilities, to support products that are no longer supported by manufacturers, custom software, and so on.

Micropatches are available for Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2008 R2, as well as Windows 10 v20H2, Windows 10 v2004, and Windows 10 v1909.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you