Topic: Out-Of-Band Update For Windows Print Spooler Remote Code Execution Vulnerability

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20775
  • "Stronger than the past, united in our goal."
Microsoft released an out-of-band update to address CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability, for Windows 10 Versions 21H1, 20H2, 2004, 1909, 1809, 1803, 1507, and Windows 8.1.

Although at the time of this posting, the KB Articles are not accessible yet, the Windows versions and assigned KB Articles are as follows:

Update: To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area. To get the standalone package, go to the Microsoft Update Catalog website.

Update history for Windows 10


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline pastywhitegurl

  • Hero Member
  • *****
  • Posts: 1180
  • advanced techno feeb
One of the services that come through on my news feed was reporting that this was an oopsie.  That the white hat guys publicly released directions on how to exploit the vulnerability because they thought it had already been patched. I can't find the source now to see if it is a reliable one or not.  Anyone else have any information on this?

Online Corrine

There had been a previous print spooler but that was patched last month.  However, there are still issues after the out-of-band update.  See Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability.


Offline pastywhitegurl

Thanks for that. (I updated Windows as soon as I saw this topic.)
 
From reading the article, it sounds to me like if you avoid printing anything directly from the internet and only print from your hard drive, that should prevent exploitation of the rest of the PrintNightmare vulnerability.  Is that accurate?

Offline Hardhead

  • Visiting Experts
  • Full Member
  • *****
  • Posts: 43
I actually was able to download the Windows 10, Version 21H1, 20H2, 2004: KB5004945 on 07/06/21 and had no issues whatsoever.  :P

Online Corrine

MSRC information at Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability:

Quote
On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible.

CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability.

Following the out of band release (OOB) we investigated claims regarding the effectiveness of the security update and questions around the suggested mitigations.

Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.

Additional information is in the referenced blog post.

