Microsoft has issued a warning to its Windows users informing them of an exploit through the PrintSpooler service called PrintNightmare. This vulnerability was discovered by three separate security agencies, namely Tencent, AFINE and NSFOCUS. It was reported by Bleeping Computer.
Seeing the exploit out in the wild, another Chinese company called Sangfor released a technical writeup of the exploit calling it PrintNightmare. Administrators have been advised to stop and disable the 'PrintSpooler' service as this seems to be the primary source of infection and allows threat actors access to servers connected via the service.
Microsoft's 365 Defender customers already have access to a threat analysis report and mitigation guidelines that will help them combat the threat. As of now, Microsoft has not released an official patch for the threat.
Microsoft 365 Defender customers can also refer to the threat analytics report we published on this vulnerability. The report provides tech details, guidance for mitigating the impact of this threat, and advanced hunting queries, which are published here: https://t.co/tBunCJgn6W— Microsoft Security Intelligence (@MsftSecIntel) July 2, 2021
The exploit seems to be present on all versions of Windows and while Microsoft investigates the issue, unofficial patches have been made available on Opatch till the Redmond software giant provides a fix.
We have our first patch candidates for PrintNightmare / CVE-2021-34527, which should be deployed (and applied) within hours. We're starting with:- Server 2019 - Server 2016 - Server 2012 As usual, all must have June updates applied for our micropatches to work. — 0patch (@0patch) July 2, 2021
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
