
Windows Print Spooler zero-day

3 July 2021 / July 10th, 2021

A zero-day vulnerability was discovered in the Windows Print Spooler following the accidental release of a proof of concept by security researchers. The released PoC exploits PrintNightmare, which is to be distinguished from CVE-2021-1675, another Print Spooler vulnerability discovered on the 8th of June 2021.

 

  • CVE-2021-34527: This vulnerability enables an authenticated attacker to remotely execute code and can eventually lead to system takeover.
  • CVE-2021-1675: This local privilege escalation vulnerability also allows threat actors to perform remote code execution.

RECOMMENDED SOLUTION
  • Patches have been issued for CVE-2021-1675 and can be found on Microsoft’s advisory.
  • Updates are now available to correct CVE-2021-34527, but they have been bypassed by security researchers.
  • 0patch has made a free patch available. Its effectiveness against exploitation has been confirmed by a few sources in the security community.

POSSIBLE MITIGATION

For more information, refer to CISA and Microsoft to stay updated with the latest measures.

Sources: CISA, CERT-FR, Microsoft, Bleeping Computer, Carnegie Mellon University, 0patch