PrintNightmare Archives - Security Affairs

Pierluigi Paganini March 16, 2022

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the organization’s Duo MFA. The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) warned that Russia-linked threat actors have gained access to a non-governmental organization (NGO) cloud by exploiting misconfigured default multifactor […]

Pierluigi Paganini August 13, 2021

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice Society ransomware operators are actively exploiting Windows print spooler PrintNightmare vulnerability in their attacks against Windows servers. The PrintNightmare flaws (tracked as (CVE-2021-1675, CVE-2021-34527, and CVE-2021-36958) reside in the Windows Print Spooler service, print drivers, and the Windows Point and […]

Pierluigi Paganini July 09, 2021

Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw

Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the emergency security patches released early this week correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527) for all supported Windows versions. Immediately after the release of the updates (KB5004945) multiple researchers questioned its efficiency and explained […]

Pierluigi Paganini July 08, 2021

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft has released an out-of-band KB5004945 security update to address the PrintNightmare vulnerability, unfortunately, the patch is incomplete and still allows remote code execution. Researchers have demonstrated that it is possible to bypass the emergency patch to achieve remote code execution […]

Pierluigi Paganini July 07, 2021

Microsoft rolled out emergency update for Windows PrintNightmare zero-day

Microsoft rolled out KB5004945 emergency update to address the actively exploited PrintNightmare zero-day vulnerability (CVE-2021-34527) in Print Spooler service. Microsoft has released the KB5004945 emergency security update to address the actively exploited CVE-2021-34527 zero-day vulnerability, aka PrintNightmare. “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An […]

Pierluigi Paganini July 02, 2021

CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks

CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due to PrintNightmare zero-day. CISA issued an alert to warn admins to disable the Windows Print Spooler on servers not used for printing due to the risk of exploitation of the PrintNightmare zero-day vulnerability. ““while Microsoft […]

PrintNightmare

Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

Vice Society ransomware also exploits PrintNightmare flaws in its attack

Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Microsoft rolled out emergency update for Windows PrintNightmare zero-day

CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google confirms Salesforce CRM breach, faces extortion threat

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 57

Security Affairs newsletter Round 536 by Pierluigi Paganini – INTERNATIONAL EDITION

Embargo Ransomware nets $34.2M in crypto since April 2024

Germany limits police spyware use to serious crimes

QUICK LINKS

PrintNightmare

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!