Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update. Tracked as CVE-2021-36958 CVSS score: 7.3, the unpatched flaw...

Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. The update, which is the smallest release since December 2019, squashes seven Critical and 37...

Point and Print Default Behavior Change

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changi...

August 10, 2021—KB5005106 (Security-only update)

August 10, 2021—KB5005106 Security-only update Important: Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating...

August 10, 2021—KB5005031 (OS Build 18363.1734)

August 10, 2021—KB5005031 OS Build 18363.1734 EXPIRATION NOTICE As of 9/12/2023, KB5005031 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quali...

Point and Print Default Behavior Change

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changi...

August 10, 2021—KB5005040 (OS Build 10240.19022) - EXPIRED

August 10, 2021—KB5005040 OS Build 10240.19022 - EXPIRED EXPIRATION NOTICEIMPORTAN T As of 9/12/2023, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. 12/8/...

Point and Print の既定動作の変更

本記事は「Point and Print Default Behavior Change」の日本語抄訳です。 "PrintNightmare" と総称されるいくつかの脆弱性を調査した...

Point and Print Default Behavior Change

Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changi...

August 10, 2021—KB5005094 (Security-only update)

August 10, 2021—KB5005094 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows Server 2012 has reached the end of...

August 10, 2021—KB5005090 (Monthly Rollup)

August 10, 2021—KB5005090 Monthly Rollup Important: Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

August 10, 2021—KB5005089 (Security-only update)

August 10, 2021—KB5005089 Security-only update Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files

Overview Microsoft Windows allows for non-admin users to be able to install printer drivers via Point and Print. Printers installed via this technique also install queue-specific files, which can be arbitrary libraries to be loaded by the privileged Windows Print Spooler process. Description...

CVE-2021-34481

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

PT-2021-3629 · Microsoft · Windows Print Spooler +1

Name of the Vulnerable Software and Affected Versions: Windows Print Spooler versions prior to the version with the security update released by Microsoft Description: The issue is related to insufficient access restrictions in the Windows Print Spooler service, allowing a remote attacker to execu...

CISA Offers New Mitigation for PrintNightmare Bug

The U.S. government has stepped in to offer a mitigation for a critical remote code execution RCE vulnerability in the Windows Print Spooler service that may not have been fully patched by Microsoft’s initial effort to fix it. To mitigate the bug, dubbed PrintNightmare, the CERT Coordination Cent...

CVE-2021-34527 "PrintNightmare"

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or...

CVE-2021-34527 (PrintNightmare): What You Need to Know

Vulnerability note: This blog originally referenced CVE-2020-1675, but members of the community noted the week of June 29 that the publicly available exploits that purported to exploit CVE-2021-1675 may in fact have been targeting a new vulnerability in the same function as CVE-2021-1675. This wa...

Microsoft Windows Print Spooler allows for RCE via AddPrinterDriverEx()

Overview The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system. Description The...

PT-2021-1607

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version Description The issue is related to a security feature bypass vulnerability in the NTLM protocol implementation in Windows. This vulnerability can be exploited by a remote attacker to gain unauthoriz...