Microsoft acknowledged a remote code execution vulnerability that affects Windows Print Spooler last week. Tracked as CVE-2021-34527, the PrintNightmare bug impacts all versions of Windows 10 pushing the company to deliver an out-of-band update to fix this security issue.
Windows 10 update KB5004945 is now available for all the supported versions, including version 21H1, version 20H1, v2004, v1909, v1809, v1803, v1507. This fix is also available for older operating systems, including Windows 8.1, Windows Server 2012, Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. The company added that it will deliver updates for the "remaining affected supported versions of Windows" in the coming days.
Users are strongly advised to check for updates and get this latest update at the earliest to protect their devices against remote attacks.
Remote code execution "PrintNightmare" zero-day bug that affects all Windows
Exploiting this Windows RCE flaw, an attacker could run code on the affected device with full system privileges, install software, and modify data. Microsoft writes:
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The issue has been so severe that the CERT Coordination Center (CERT/CC) and the US government had to step in to offer mitigation for this critical RCE vulnerability. CERT had advised admins to disable the Windows Print Spooler service on servers that aren't being used for printing.
Admins are strongly advised to check the details over at this security bulletin.
- Updating...
The post Emergency OOB Update Is Out to Address PrintNightmare Bug – Affects ALL Windows Versions! by Rafia Shaikh appeared first on Wccftech.
source https://wccftech.com/emergency-oob-update-is-out-to-fix-printnightmare-windows-bug/