Microsoft Releases Out-of-Band Security Updates for PrintNightmare


Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to National Cyber Awareness System Current Activity for
Cybersecurity and Infrastructure Security Agency. This information has recently
been updated, and is now available.

Releases Out-of-Band Security Updates for PrintNightmare

07/06/2021 07:53 PM EDT


release date: July 6, 2021

Microsoft has released out-of-band
security updates
to address a remote code execution (RCE)
vulnerability—known as PrintNightmare (CVE-2021-34527)—in the Windows Print
spooler service. According to the CERT Coordination Center (CERT/CC), “The
Microsoft Windows Print Spooler service fails to restrict access to
functionality that allows users to add printers and related drivers, which can
allow a remote authenticated attacker to execute arbitrary code with SYSTEM
privileges on a vulnerable system.”

The updates are cumulative and contain all previous fixes as well as
protections for CVE-2021-1675. The updates do not include Windows 10 version
1607, Windows Server 2012, or Windows Server 2016—Microsoft states updates for
these versions are forthcoming. Note: According to CERT/CC, “the Microsoft
update for CVE-2021-34527 only appears to address the Remote Code Execution
(RCE via SMB and RPC) variants of the PrintNightmare, and not the Local
Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU
for workarounds for the LPE variant.