You are subscribed to National Cyber Awareness System Current Activity for
Cybersecurity and Infrastructure Security Agency. This information has recently
been updated, and is now available.
Microsoft
Releases Out-of-Band Security Updates for PrintNightmare
07/06/2021 07:53 PM EDT
Original
release date: July 6, 2021
Microsoft has released out-of-band
security updates to address a remote code execution (RCE)
vulnerability—known as PrintNightmare (CVE-2021-34527)—in the Windows Print
spooler service. According to the CERT Coordination Center (CERT/CC), “The
Microsoft Windows Print Spooler service fails to restrict access to
functionality that allows users to add printers and related drivers, which can
allow a remote authenticated attacker to execute arbitrary code with SYSTEM
privileges on a vulnerable system.”
The updates are cumulative and contain all previous fixes as well as
protections for CVE-2021-1675. The updates do not include Windows 10 version
1607, Windows Server 2012, or Windows Server 2016—Microsoft states updates for
these versions are forthcoming. Note: According to CERT/CC, “the Microsoft
update for CVE-2021-34527 only appears to address the Remote Code Execution
(RCE via SMB and RPC) variants of the PrintNightmare, and not the Local
Privilege Escalation (LPE) variant.” See CERT/CC Vulnerability Note VU
#383432 for workarounds for the LPE variant.