Microsoft's incomplete PrintNightmare patch fails to fix vulnerability

[backstreetboy]

Microsoft's incomplete PrintNightmare patch fails to fix vulnerability

Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed.

www.bleepingcomputer.com

Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed.

Last night, Microsoft released an out-of-band KB5004945 security update that was supposed to fix the PrintNightmare vulnerability that researchers disclosed by accident last month.

After the update was released, security researchers Matthew Hickey, co-founder of Hacker House, and Will Dormann, a vulnerability analyst for CERT/CC, determined that Microsoft only fixed the remote code execution component of the vulnerability.

However, malware and threat actors could still use the local privilege escalation component to gain SYSTEM privileges on vulnerable systems only if the Point and Print policy is enabled.

https://twitter.com/x/status/1412529895788486657

 

[backstreetboy]

Micro$oft, Micro$oft, Windows all the way!

 

[Crumbl0x]

The S in PrintNightmare Patch stands for security.

...ok that was pretty bottom of the barrel lol

 

[The_Librarian]

glad I'm not a developer at M$ right now.

 

[KatieKim]

Otherwise than problems with printers, are there any other issues that this patch is causing? I like to wait a bit before updating but I don't like leaving big security updates waiting.