PrintNightmare

From Wikipedia, the free encyclopedia
PrintNightmare
CVE identifier(s)CVE-2021-1675
CVE-2021-34527
Date discoveredJune 29, 2021; 5 months ago (2021-06-29)
Date patchedJuly 6, 2021; 5 months ago (2021-07-06)[1]
DiscovererSangfor[2][3]
Affected softwareMicrosoft Windows

PrintNightmare is a critical security vulnerability affecting the Microsoft Windows operating system.[2][4] The vulnerabilility occurs within the print spooler service.[5][6] There are two variants, one permitting remote code execution (CVE-2021-34527), and the other leading to privilege escalation (CVE-2021-1675).[6][7] A third vulnerability (CVE-2021-34481) was announced July 15th and upgraded to remote code execution by Microsoft in August.[8][9]

On July 6, 2021, Microsoft started releasing out-of-band (unscheduled) patches attempting to address the vulnerability.[10] Due to its severity, Microsoft released patches for Windows 7 and Windows Server 2012, despite being out of their mainstream support period.[11][10] The patches resulted in some printers ceasing to function.[12][13] Researchers have noted that the vulnerability has not been fully addressed by the patches.[14] After the patch is applied, only administrators will be able to install printer drivers on a Windows print server, as part of the vulnerability related to the ability of non-administrators to install printer drivers on the system.[15]

The organization which discovered the vulnerability, Sangfor, published a proof of concept in a public GitHub repository.[3][16] Apparently published in error, or as a result of a miscommunication between the reseachers and Microsoft, the proof of concept was deleted shortly after.[3][17] However, several copies have since appeared online.[3]

See also[]

References[]

  1. ^ "July 6, 2021—KB5004945 (OS Builds 19041.1083, 19042.1083, and 19043.1083) Out-of-band". Microsoft Support. Microsoft Corporation. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  2. ^ a b Valinsky, Jordan (9 July 2021). "Microsoft issues urgent security warning: Update your PC immediately". CNN Business. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  3. ^ a b c d Corfield, Gareth (30 June 2021). "Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller". The Register. Archived from the original on 8 July 2021. Retrieved 11 July 2021.
  4. ^ "Microsoft fixes critical PrintNightmare bug". BBC News. 7 July 2021. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  5. ^ Winder, Davey (2 July 2021). "New Critical Security Warning Issued For All Windows Versions As 'PrintNightmare' Confirmed". Forbes. Archived from the original on 11 July 2021. Retrieved 11 July 2021.
  6. ^ a b "Security Update Guide - Microsoft Security Response Center". msrc.microsoft.com. Microsoft Corporation. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  7. ^ "Microsoft Releases Out-of-Band Security Updates for PrintNightmare". US-CERT. Cybersecurity and Infrastructure Security Agency. 6 July 2021. Archived from the original on 7 July 2021. Retrieved 11 July 2021.
  8. ^ "More PrintNightmare: "We TOLD you not to turn the Print Spooler back on!"". Naked Security. 2021-07-16. Retrieved 2021-09-07.
  9. ^ "Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34481". msrc.microsoft.com. Retrieved 2021-09-07.
  10. ^ a b "Out-of-Band (OOB) Security Update available for CVE-2021-34527 – Microsoft Security Response Center". Microsoft Security Response Center. Microsoft Corporation. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  11. ^ Sharwood, Simon (7 July 2021). "Microsoft patches PrintNightmare – even on Windows 7 – but the terror isn't over". The Register. Archived from the original on 8 July 2021. Retrieved 11 July 2021.
  12. ^ Smith, Adam (9 July 2021). "Microsoft fixes huge security bug – and breaks people's printers". The Independent. Archived from the original on 9 July 2021. Retrieved 11 July 2021.
  13. ^ Lawler, Richard (8 July 2021). "The Windows update to fix 'PrintNightmare' made some printers stop working". The Verge. Vox Media. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  14. ^ Goodin, Dan (8 July 2021). "Microsoft Keeps Failing to Patch the Critical 'PrintNightmare' Bug". Wired. Condé Nast. Archived from the original on 10 July 2021. Retrieved 11 July 2021.
  15. ^ Mackie, Kurt (9 July 2021). "Microsoft Clarifies Its 'PrintNightmare' Patch Advice -- Redmondmag.com". Redmondmag. 1105 Media Inc. Retrieved 11 July 2021.
  16. ^ Constantin, Lucian (8 July 2021). "PrintNightmare vulnerability explained: Exploits, patches, and workarounds". ARN. IDG Communications. Archived from the original on 8 July 2021. Retrieved 11 July 2021.
  17. ^ Warren, Tom (2 July 2021). "Microsoft warns of Windows "PrintNightmare" vulnerability that's being actively exploited". The Verge. Vox Media. Archived from the original on 9 July 2021. Retrieved 11 July 2021.


Stub icon

This computer security article is a stub. You can help Wikipedia by .

  • v
  • t
Retrieved from ""