Sangfor Technologies researchers accidentally published a proof of concept exploit for PrintNightmare via GitHub on June 29. According to MalwareBytes, the researchers believed their exploit was addressed by a June 8 security update to Windows 10 for another vulnerability, CVE-2021-1675. The researchers deleted " />
Department of News

Microsoft Confirms ‘PrintNightmare’ Vulnerability Affects All Windows Versions

 / July 4, 2021

Sangfor Technologies researchers accidentally published a proof of concept exploit for PrintNightmare via GitHub on June 29. According to MalwareBytes, the researchers believed their exploit was addressed by a June 8 security update to Windows 10 for another vulnerability, CVE-2021-1675. The researchers deleted that repository, but it can still be found online.

Microsoft said in a security bulletin that PrintNightmare, to which it assigned the identifier CVE-2021-34527, is “similar but distinct from the vulnerability that is assigned CVE-2021-1675.” It also said attackers can exploit PrintNightmare to “install programs; view, change, or delete data; or create new accounts with full user rights” after gaining SYSTEM privileges on a device.

The vulnerability is found in code related to the Windows Print Spooler executable that handles pretty much every aspect of the process involved with printing something from a PC. Microsoft said that by default Windows Print Spooler launches alongside Windows and only closes when the operating system itself is shut down. That makes it an attractive target for attackers.

Source

The Big Boss and Dictator of The Cult of the Crispy Geek

Random Posts

Online safety bill passes the Australian senate

June 29, 2021

Millions of web surfers are being targeted by a single malvertising group

April 20, 2021

Program pushes ‘right to repair’ for broken Apple products

April 11, 2021

Leave a Reply