Articles about PrintNightmare

Microsoft's Windows 365 Cloud PC may only be a few weeks old, but a security flaw has already been found that can be exploited to extract Microsoft Azure credentials.

The credential extraction is made possible by the open-source tool Mimikatz, created by security researcher Benjamin Delpy (one of the names associated with exposing the PrintNightmare vulnerabilities). Admin privileges are required to execute the exploit it is concerning nonetheless.

Continue reading →

Just as there has been a spate of hugely problematic updates for Windows 10 over the last year, in recent weeks there has been a seemingly endless stream of security flaws relating to the Windows print spooler. Now Microsoft has acknowledged another zero-day vulnerability.

There is currently no fix available for the security bug, a Remote Code Execution vulnerability which is being tracked as CVE-2021-36958. However, Microsoft has offered up a (less than ideal) workaround for this latest vulnerability from the PrintNightmare family.

Continue reading →

The PrintNightmare vulnerability continues to cause headaches for Windows users and Microsoft alike. Similarly, Microsoft's seemingly endless stream of problematic updates continues to lead to frustration -- and August's Patch Tuesday updates have not broken the cycle.

Windows 10 users who have installed the KB5005033 update that was supposed to fix the PrintNightmare security flaw are reporting unwanted side effects. Among the problems being reported are issues with reduced performance, particularly in games.

Continue reading →

To help address the ongoing problems with the so-called PrintNightmare vulnerability (CVE-2021-34527), Microsoft has announced a change to the default behavior of the Point and Print feature in Windows.

The change has been delivered via the KB5005033 and KB5005031 update and means that in order to install printer drivers, users will have to have administrative privileges. This mitigates against the Windows Print Spooler vulnerability that allowed any user to install drivers via Point and Print, a fact that could be exploited to install a malicious drivers to allow for remote code execution and SYSTEM privileges.

Continue reading →

The PrintNightmare vulnerability has indeed proved to be something of a nightmare for Microsoft, and it's one that shows no signs of coming to an end. Security researchers have unearthed yet another method of exploiting the Windows print spooler vulnerability, making it possible for anyone to gain administrator privileges.

The latest method involves creating a remote print server and connecting to it. This causes Windows to install a driver which requires loading a DLL with System privileges -- a fact that can be exploited to launch an elevated Command Prompt. Even on a fully patched and updated copy of Windows 10 21H1, the attack works.

Continue reading →

The accidental revelation of the PrintNightmare security vulnerability in Windows set off a chain of workarounds, third-party patches, official patches and problems with patches. But even after two weeks of back and forth, there are still steps you need to take to ensure that you're fully protected.

Microsoft recently updated its security advisory notice about the vulnerability to include additional details that system administrators should check. A quick visit to the registry is all it takes to ensure complete security.

Continue reading →

The PrintNightmare vulnerability that was accidentally revealed recently has led to an almost laughable chain of events. After Microsoft suggested a workaround, a third-party released a patch, an official patch was eventually released, and said patch was found to not actually do the job it was supposed to.

The patch is not only ineffective -- although Microsoft disagrees -- it is also, very much in the tradition of patches for Windows, causing issues. People installing the KB5004945 patch report that they then have problems with printing.

Continue reading →

The recently revealed PrintNightmare vulnerability has been something of a farcical episode after details of the Windows security flaw were mistakenly revealed. Microsoft suggested a workaround but, as it broke printing, it was less than ideal.

Micropatching experts at 0patch released a free fix until Microsoft then released an official patch. The next chapter in the saga should surprise no one: Microsoft's patch has a problem. It doesn't really fix the security issue, leaving systems vulnerable.

Continue reading →

Microsoft has released a series of out of-band security patches for the PrintNightmare bug that was recently exposed. The remote code execution vulnerability exits in the Windows Print Spooler; it affects all versions of Windows, and the company is even offering patches for the unsupported Windows 7.

Previously, Microsoft had only been able to suggest workarounds to mitigate against the security problems, so it was left to 0patch to help out with a free bug-fix. But now patches are available for this serious security issue (CVE-2021-34527) that leaves systems at risk of attack.

Continue reading →

Micropatching specialist 0patch has stepped into help out with a fix for the PrintNightmare vulnerability that was recently accidentally leaked by security researchers.

While Microsoft has acknowledged that there is a security flaw in Windows Print Spooler that could lead to remotely compromised systems, the company has only offered workarounds rather than a patch. And so 0patch -- no stranger to helping out in such situations -- has stepped up to the plate and issued free micropatches of its own.

Continue reading →

When security researchers inadvertently published technical details of a remote execution vulnerability in Windows Print Spooler thinking (wrongly) that it had been patched, there was concern about the implications.

And rightly so. Microsoft has confirmed people's worst fears, saying that the PrintNightmare security flaw is already being exploited. There is a little good news, however. The company also suggests some workarounds that can be used to protect systems until a patch is produced.

Continue reading →

Security researchers have inadvertently leaked details of a critical Windows print spooler vulnerability, dubbed PrintNightmare, along with a proof-of-concept. The flaw -- said be a Stuxnet-style zero-day -- can be exploited to completely compromise a Windows system.

Microsoft issued a patch for CVE-2021-1675, described as a "Windows Print Spooler Elevation of Privilege Vulnerability" last Patch Tuesday, and this is when things went wrong. Having seen that this patch had been published, security researchers then released technical details of what they thought was the same vulnerability, along with a proof-of-concept. But they had in fact released information about a different -- albeit similar -- vulnerability.

Continue reading →