Microsoft releases security updates for ‘PrintNightmare’ cybersecurity vulnerability

Jul 07, 2021 - 03:27 PM
cybersecurity-hand-lock-graphic_900x400

Microsoft has released out-of-band security updates to address a remote code execution vulnerability — known as PrintNightmare (CVE-2021-34527) — in the Windows Print spooler service. The Computer Emergency Response Team Coordination Center (CERT/CC), part of the Software Engineering Institute at Carnegie Mellon University, last week reported a critical RCE vulnerability impacting the Windows Print Spooler service that allows a remote authenticated attacker to execute arbitrary code with system privileges on a vulnerable system.

The updates are cumulative and contain all previous fixes, as well as protections for CVE-2021-1675. The updates do not include Windows 10 version 1607, Windows Server 2012 or Windows Server 2016 — Microsoft states updates for these versions are forthcoming. According to CERT/CC, “the Microsoft update for CVE-2021-34527 only appears to address the Remote Code Execution (RCE via SMB and RPC) variants of the PrintNightmare, and not the Local Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU #383432 for workarounds for the LPE variant. 

The Cybersecurity & Infrastructure Security Agency encourages users and administrators to review the Microsoft security updates as well as CERT/CC Vulnerability Note VU #383432 and apply the necessary updates or workarounds. For additional background, see CISA’s initial communication.

Related News Articles

Headline
Agencies release fact sheet on potential of malicious activity by Iranian cyber actors 
The Cybersecurity and Infrastructure Security Agency, FBI, Department of Defense Cyber Crime Center and the National Security Agency June 30 released a fact…
Headline
CMS warns of phishing fax scheme; AHA monitoring other reported social engineering schemes 
The Centers for Medicare & Medicaid Services today announced it has identified a fraud scheme targeting Medicare providers and suppliers. CMS said scammers…
Headline
Agencies issue advisory on updated tactics by Play ransomware group
The FBI, Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre June 4 released an advisory on updated actions and tactics used…
Headline
Agencies release guidance on AI data security 
The National Security Agency, Cybersecurity and Infrastructure Security Agency and international partners May 22 released guidance on securing data used for…
Headline
Russian state-sponsored cyber actors targeting tech companies, others 
The FBI, along with the National Security Agency and other international cybersecurity agencies, this week released a joint agency advisory on cyber operations…
Headline
FBI warns of cyber actors exploiting end-of-life routers
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…