Microsoft’s emergency patch update cannot counter the use of the zero-day vulnerability PrintNightmare, so attacks are still possible. So far, no cases are known in which researchers have compromised their systems.
Microsoft Emergency Patch Update On Tuesday, June 6, the IT giant released an emergency patch update to address the PrintNightmare ZeroDay vulnerability. According to Ars Technica, the system update is said to have completely fixed a serious bug in all supported versions of Windows that allowed attackers to hijack the infected system from users.
Microsoft has released updates to protect against CVE-2021-34527. Please see: https://t.co/QZATXCPXnx
— Security Response (@msftsecresponse) July 6, 2021
In a tweet, Mimikatz developer Benjamin Delpy said that he is currently working on strings and file names, which is tricky. Various errors in the Windows print spooler. It is, however, an application that provides printing functions for local area networks. Except that the exploit code is suddenly released to make it public.
Microsoft’s emergency security update adds restrictions.
According to reports, the new update introduces a mechanism that allows Windows administrators to use stricter restrictions each time they install the printer software – CVE202134527.
Moreover, Ars Technica spoke of the security team of printer operators selecting to install signed and unsigned printer drivers for their print servers. In addition, the management group (such as printer drivers) only installs signed printer drivers.
Microsoft’s update on Tuesday is incomplete, but it still provides reasonable protections to prevent various attacks that exploit security vulnerabilities in the print spooler. Yet, there are no known cases of researchers breaking their systems.
Protection to fight against various attacks
Hacker to gain administrator rights. As soon as the bug came to light, Microsoft immediately released an emergency patch update on Tuesday, June 6th, to fix the bug. However, a researcher showed that exploits could prevent Microsoft’s emergency patch update with the update’s release.
Microsoft’s Incomplete Patch is the latest bug affecting the PrintNightmare ZeroDay vulnerability.
Microsoft has released a patch that will close the PrintNightmare vulnerability – this zero-day is being actively exploited and you need to either patch or mitigate ASAP
— Brad Sams (@bdsams) July 6, 2021
Eventually, the researchers who discovered the June bug determined that the PrintNightmare ZeroDay vulnerability is similar to CVE20211675 install the printer software. However, before installing the July 6th update and other new Windows updates that contain protection against CVE202134527.
Ars Technica mentioned that the Printer Operators Security Group might install signed and unsigned printer drivers for their print servers. Install signed printer drivers.
Although Microsoft’s Tuesday update is incomplete, it still offers some protection against various attacks aimed at exploiting the print spooler vulnerability.
This vulnerability was much worse RCE, and it has been seen being exploited on the dark web.
Image courtesy of Lawrence Systems/YouTube