CATEGORIES
home News

Microsoft Warns Of Critical 0-Day PrintNightmare Vulnerability, But There's A Workaround

by Nathan OrdFriday, July 02, 2021, 10:05 AM EDT
microsoft publishes workaround for printnightmare vulnerability
Over the last couple of days, a vulnerability tracked as CVE-2021-34527 has made the rounds, making IT people quite nervous. The cybersecurity threat, also dubbed PrintNightmare, exploits a flaw within the Windows Print Spooler, allowing for remote code execution on a system. Now, Microsoft has provided mitigation guidance to block these attacks on vulnerable devices around the world.

The CVE (common vulnerability enumeration), published yesterday by Microsoft, outlined the vulnerability that recently cropped up affecting the Windows Print Spooler. The executive summary explains that remote code execution can occur when the Windows Print Spooler service “improperly performs privileged file operations.” Upon successful exploit, the attacker could run whatever code they want with system privileges which is the highest tier.

parks&rec microsoft publishes workaround for printnightmare vulnerability
Perhaps you do not need to throw out your computer as Ron Swanson did, but this is not great.

At present, Microsoft is still investigating the situation and has not provided a fix. In the meantime, the company has provided workarounds to prevent this from being exploited. These include disabling the print spooler all together or disabling inbound remote printing through a Group Policy update. In the former workaround, users will not be able to print locally or remotely. The latter change will make it so a system will “no longer function as a print server, but local printing to a directly attached device will still be possible.”

Hopefully, Microsoft’s investigation into the vulnerability will not take long, nor will an official patch. In the meantime, it is recommended by the Cybersecurity and Infrastructure Agency (CISA) to follow Microsoft’s workarounds. Furthermore, stay tuned to HotHardware for updates on this developing situation.
Tags:  Microsoft, vulnerability, cybersecurity, (nasdaq:msft)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment