Microsoft releases security updates for ‘PrintNightmare’ cybersecurity vulnerability

Jul 07, 2021 - 03:27 PM
cybersecurity-hand-lock-graphic_900x400

Microsoft has released out-of-band security updates to address a remote code execution vulnerability — known as PrintNightmare (CVE-2021-34527) — in the Windows Print spooler service. The Computer Emergency Response Team Coordination Center (CERT/CC), part of the Software Engineering Institute at Carnegie Mellon University, last week reported a critical RCE vulnerability impacting the Windows Print Spooler service that allows a remote authenticated attacker to execute arbitrary code with system privileges on a vulnerable system.

The updates are cumulative and contain all previous fixes, as well as protections for CVE-2021-1675. The updates do not include Windows 10 version 1607, Windows Server 2012 or Windows Server 2016 — Microsoft states updates for these versions are forthcoming. According to CERT/CC, “the Microsoft update for CVE-2021-34527 only appears to address the Remote Code Execution (RCE via SMB and RPC) variants of the PrintNightmare, and not the Local Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU #383432 for workarounds for the LPE variant. 

The Cybersecurity & Infrastructure Security Agency encourages users and administrators to review the Microsoft security updates as well as CERT/CC Vulnerability Note VU #383432 and apply the necessary updates or workarounds. For additional background, see CISA’s initial communication.

Related News Articles

Headline
White House issues executive order on cybersecurity for AI
The White House issued an executive order June 2 on cybersecurity efforts regarding artificial intelligence. The order instructs federal…
Headline
Guide issued for healthcare organizations on cyber governance frameworks for secure AI implementation 
The Health Sector Coordinating Council’s Cybersecurity Working Group has released a guide to help healthcare organizations establish cyber governance…
Headline
FBI issues alert on cyber actors impersonating IT personnel 
The FBI has released an alert on a cyber threat group called the Silent Ransom Group, which has targeted healthcare and other industries in recent years using…
Headline
CISA issues revised virtual town hall schedule for input on proposed cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 26 announced a revised schedule for its series of virtual town hall meetings for public input on…
Headline
Microsoft disrupts Fox Tempest malware attacking health care, other sectors 
Microsoft announced May 19 that it disrupted operations of Fox Tempest, a threat actor operating as a malware-signing-as-a-service used by cybercriminals to…
Headline
Blog highlights top 3 cyber risks for health care in 2026
An AHA Cyber & Risk Intel blog by John Riggi, AHA national advisor for cybersecurity and risk, explores what health care leaders need to consider to reduce…