Skip to main content
BlogPatch Management

Windows Out-of-Band Update Released to Fix PrintNightmare Vulnerability

By July 7, 2021July 21st, 2022No Comments
||

Windows Out-of-Band Update Released to Fix PrintNightmare Vulnerability

Microsoft released an emergency update to fix the Weaponized PrintNightmare zero-day vulnerability in the Windows Print Spooler service.

[vc_empty_space]
[vc_single_image image=”364803″ img_size=”full”]

Microsoft Releases Emergency Patch for PrintNightmare Flaw

Microsoft has released an emergency security update to fix the Weaponized PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all versions of Windows, including Windows 7 and Windows Server 2008 R2.

Improper input validation within the RpcAddPrinterDriverEx() function allows this vulnerability to be weaponized, as has been confirmed by Microsoft. A remote user can send a specially-crafted request to the Windows Print Spooler and execute arbitrary code with SYSTEM privileges.

Syxscore Risk Alert

  1. Vendor Severity: Critical
  2. CVSS Severity: 9.9 (Critical)
  3. Attack Vector: Network
  4. Attack Complexity: Low
  5. Privileges Required: Low
  6. User Interaction: None
  7. Scope (Jump Point): Yes

“This is one of the highest priorities of the year to date,” said Rob Brown, Head of Customer Success for Syxsense. “Not only does this impact almost every single operating system by Microsoft, if this is weaponized within your environment, there is the real possibility of those hackers jumping into another technology or applications within your network. Microsoft have also taken the rare step of releasing this update for Windows 7 even if you do not have an ESU extended license.”

How Syxsense Can Help

As always, we recommend full testing be performed prior to live deployment to your device. These are now available within the Syxsense Console.

Syxsense provides that first line of defense against vulnerabilities by automating the patching of all systems. Experience the power of IT managementpatch management, and security vulnerability scanning in one powerful solution.

[vc_single_image image=”331859″ img_size=”full” css=”.vc_custom_1613682412229{padding-right: 200px !important;padding-left: 200px !important;}”]

Start Your Free Trial of Syxsense

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”url:https%3A%2F%2Fwww.syxsense.com%2Fstart-a-free-trial-of-syxsense%2F|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

Leave a Reply