Items tagged with printnightmare
The astutely named PrintNightmare family of issues affecting many Windows devices is not going away for Microsoft, it seems. Though there have been numerous patches and updates, not all have been fixes for the print spooler issues. This is the case once more following this month’s Patch Tuesday update, which has been confirmed to break network printing in some cases. As of late, Microsoft is reporting that “After installing KB5005033 or a later update, certain printers in some environments using Point and Print might receive a prompt saying, ‘Do you trust this printer?’” When this happens, administrator credentials are required to install the printer every time...
Read more...
Hey, good news, in case you missed it—Microsoft earlier this week announced it has completed its investigation of an annoyingly persistent printer exploit, and issued a series of patches to get rid of the problem. Ready for the bad news? Another similar security vulnerability has reared its ugly head, and Microsoft doesn't have a patch for it just yet. This latest vulnerability is another so-called PrintNightmare bug. These affect the Windows Print Spooler service, and if exploited, and attacker could run malicious code on an affected system with advanced privileges, or wreak other kinds of havoc (like deleting or altering files). That's obviously not a good thing. "A remote code execution...
Read more...
Microsoft is pretty confident that it has finally addressed the dreaded PrintNightmare that has been keeping IT admins awake at night. Okay, maybe that is a slight exaggeration. However, the vulnerability within Microsoft's Windows Print Spooler service has definitely been a recurring headache, and is seemingly fixed (knock on wood). The first warning of the PrintNightmare bug came abut a month and a half ago. Microsoft explained that remote code execution could occur when the Windows Print Spooler service "improperly performs privileged file operations." If successfully exploited, an attacker could run malicious code on a system full privileges. Not good. An emergency Windows 10 patch issued...
Read more...
Earlier in July, the PrintNightmare vulnerability was discovered, wherein a threat actor could exploit the vulnerability to gain system-level access to a device. This was only speculation at first, but that has now changed, as cybersecurity researcher Benjamin Delpy has shown. Since the discovery of PrintNightmare, Delpy has been working to both investigate and exploit it for research purposes. Initially, he reported that he could achieve both remote code execution and local privilege escalation using PrintNightmare on a fully patched server with “Point & Print” enabled. Following that development, Delpy was more recently able to create a web-hosted printer that leveraged the...
Read more...
After the PrintNightmare vulnerability was found, the Windows Print Spooler and printer drivers were under the microscope. Now, yet another Print Spooler vulnerability has been discovered, allowing for code execution with SYSTEM privileges. First disclosed yesterday, the new print spooler vulnerability was uncovered by researchers at Carnegie Mellon University. It stems from Windows allowing non-admin users to install printer drivers through a feature called “Point and Print.” However, Microsoft “requires that printers installable via Point are either signed by a WHQL release signature or are signed by a certificate that is explicitly trusted by the target system.” Want...
Read more...
After last week's out-of-band update to patch the PrintNightmare vulnerability, Microsoft has now released more vulnerability fixes as part of Patch Tuesday. With this update, the Redmond, Washington-based company knocked out a whopping 117 security issues that garnered a variety of concerns. Patch Tuesday has become something a holiday (or recurring nightmare) on the second Tuesday of each month for IT administrators, as Microsoft pushes out the latest security updates to its products. For this Patch Tuesday, a rather extensive list including Microsoft Office products, Microsoft networking products, and a swath of Windows products have been given security updates. Many of the vulnerabilities...
Read more...
At the top of July, a vulnerability within the Windows print spooler service, dubbed PrintNightmare, was discovered in the wild. Afterward, Microsoft rushed out a patch to fix the problem, but the Redmond, Washington-based company may have been just a little quick on the draw. Now, some users are encountering printer issues with the emergency Windows patch leading to an even bigger headache. As reported on Reddit, among other places on the Internet, users and system administrators are finding that the emergency patch KB5004945 to fix PrintNightmare is breaking Zebra printers’ functionality. The common theme appears to be that print jobs are getting stuck in the queue after a computer wakes...
Read more...
As if fussing with a printer is not maddening enough, a recent Windows Print Spooler exploit called 'PrintNightmare' left users vulnerable to remote code execution attacks. Not cool. Fortunately, Microsoft has made rather quick work of rolling out an out-of-band patch, which is being sent out via Windows Update (or you can grab it manually). Out-of-band patches for Windows are somewhat on the rare side, though they do happen on occasion. Normally, Microsoft packages up cumulative updates and dishes them out on the second Tuesday of every month, otherwise known as Patch Tuesday. Sometimes, however, problems or exploits arise that simply can't wait. This is one of them. Published as CVE-2021-34527,...
Read more...
