Microsoft’s Emergency Update for PrintNightmare Fails to Fully Fix Vulnerability

Print-Nightmare, an application that allows users to print documents to a local network printer or a remote networked printer, was released in mid-July by SAGE Software. A month later, as many as 100,000 Windows users were told that they had downloaded the application to their computers, but the company had not provided a way to uninstall PrintNightmare. Last week, the company released an updated version of the software, which fixed the bug, but the original version remained available on Microsoft Update.

Microsoft released another emergency fix for PrintNightmare, as another serious bug in its Windows print system was discovered by researchers at security firm Rapid7. The researchers reported another catastrophic bug in the way that Windows handles print jobs, which allows an attacker to upload a malicious print job, then run arbitrary code on the affected system, including installing malware.

Image: Microsoft

Yesterday, Microsoft released an emergency update for Windows users regarding PrintNightmare, a zero-day vulnerability that allows remote attackers to execute code with system privileges on various versions of the operating system. Unfortunately, users find that the upgrade only works partially. As security researchers Matthew Hickey and Will Dormann discovered, Microsoft has only patched the remote code execution component of the vulnerability, so threats can still use the exploit using the local privilege escalation component to gain system privileges for both older and newer versions of Windows. This is possible in the latter case if the display and print policy is enabled. Administrators and users are advised to disable the Print Spooler service until Microsoft releases a more comprehensive patch, but the 0patch micropatch would effectively block the vulnerability.

The patch Microsoft released for the recent #PrintNightmare vulnerability removes the remote vector – but the LPE variants are still functional. They work on Windows 7, 8, 8.1, 2008 and 2012 by default but require Point&Print configuration for Windows 2016, 2019, 10 and 11(?). ️

– Hacker Fantastic (@hackerfantastic) 6. July 2021

Manipulation of strings and filenames is difficult
New function in #mimikatz to normalize filenames (bypassing checks by using UNC instead of servershare)

So, RCE (and LPE) with #printnightmare on a fully patched server, with point & print enabled.


– Benjamin Delpy (@gentilkiwi) 7. July 2021

[…] as more and more researchers began to modify their exploits and test the patch, it became clear that the exploits could completely bypass the patch and perform both local privilege escalation (LPE) and remote code execution (RCE). According to Benjamin Delpy, the creator of Mimikatz, the patch can be bypassed to allow remote code execution when the point and print policy is enabled.

Sources: Matthew Hickey, Will Dormann, Benjamin Delpy, Bleeping Computer

Latest news

The NVIDIA GeForce RTX 40 series is expected to arrive in 4. GeForce RTX 3090 launches in Q1 2022 and doubles performance

7. July 20217 July 2021

Red Dead Redemption 2 will be NVIDIA DLSS on July 13. receive

7. July 20217 July 2021

Ubisoft is developing the Assassin’s Creed Live services platform, Assassin’s Creed Infinity

7. July 20217 July 2021

NVIDIA GeForce RTX 30 series SUPER notebook GPUs will be released next year

7. July 20217 July 2021

Tencent introduces facial recognition system to prevent minors from playing video games at night

6. July 20216 July 2021

RoboCop: Rogue City announced for consoles and PC

6. July 20216 July 2021

windows update march 2021 problemswindows 10 march 2021 update problemspatch tuesday may 2021 issuesmicrosoft patch tuesday schedule 2021microsoft patch tuesday may 2021cve-2021-1732 exploit,People also search for,Privacy settings,How Search works,windows update march 2021 problems,windows 10 march 2021 update problems,patch tuesday may 2021 issues,microsoft patch tuesday schedule 2021,microsoft patch tuesday may 2021,cve-2021-1732 exploit,microsoft patch release schedule 2021,patch tuesday, microsoft

You May Also Like