Microsoft's incomplete PrintNightmare patch fails to fix vulnerability

backstreetboy

Honorary Master
Joined
Jun 15, 2011
Messages
28,852

Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed.

Last night, Microsoft released an out-of-band KB5004945 security update that was supposed to fix the PrintNightmare vulnerability that researchers disclosed by accident last month.

After the update was released, security researchers Matthew Hickey, co-founder of Hacker House, and Will Dormann, a vulnerability analyst for CERT/CC, determined that Microsoft only fixed the remote code execution component of the vulnerability.

However, malware and threat actors could still use the local privilege escalation component to gain SYSTEM privileges on vulnerable systems only if the Point and Print policy is enabled.

 

KatieKim

Member
Joined
Jun 3, 2021
Messages
11
Otherwise than problems with printers, are there any other issues that this patch is causing? I like to wait a bit before updating but I don't like leaving big security updates waiting.
 

das Toktokken

Honorary Master
Joined
Jul 18, 2008
Messages
54,002
Otherwise than problems with printers, are there any other issues that this patch is causing? I like to wait a bit before updating but I don't like leaving big security updates waiting.
Do not delay this one, it's a doozi
 
Top