Microsoft Warns Of Critical 0-Day PrintNightmare Vulnerability, But There's A Workaround
Over the last couple of days, a vulnerability tracked as CVE-2021-34527 has made the rounds, making IT people quite nervous. The cybersecurity threat, also dubbed PrintNightmare, exploits a flaw within the Windows Print Spooler, allowing for remote code execution on a system. Now, Microsoft has provided mitigation guidance to block these attacks on vulnerable devices around the world.
The CVE (common vulnerability enumeration), published yesterday by Microsoft, outlined the vulnerability that recently cropped up affecting the Windows Print Spooler. The executive summary explains that remote code execution can occur when the Windows Print Spooler service “improperly performs privileged file operations.” Upon successful exploit, the attacker could run whatever code they want with system privileges which is the highest tier.
Hopefully, Microsoft’s investigation into the vulnerability will not take long, nor will an official patch. In the meantime, it is recommended by the Cybersecurity and Infrastructure Agency (CISA) to follow Microsoft’s workarounds. Furthermore, stay tuned to HotHardware for updates on this developing situation.