Microsoft pushes emergency update for Windows PrintNightmare zero-day
Microsoft has released the KB5004945 emergency security update to address the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges.
The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM privileges, as it will enable them to install programs, view, change, or delete data, and create new accounts with full user rights.
Detailed instructions on how to install these out-of-band security updates for your operating system, are available in the support documents linked below:
Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft.
Leave a Comment
Related Posts
Recent Posts
KA7OEI's blog: RFI (Radio Frequency Interference) sleuthing with the TinySA - Part 1: The gear
Comment/cdn.vox-cdn.com/uploads/chorus_asset/file/19715597/acastro_200212_1777_Lambda_0001.jpg)
Indonesia taps influencers to convince people to move to its new, under-construction capital
Comment
