"PrintNightmare" Windows Print Spooler vulnerability being actively exploited

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › IT Pro and developers › "PrintNightmare" Windows Print Spooler vulnerability being actively exploited

clinty

1201 posts

Uber Geek
+1 received by user: 402

Lifetime subscriber

#288491 3-Jul-2021 15:36

not only the Kaseya attack to worry about this weekend

https://www.windowscentral.com/windows-printnightmare-vulnerability-being-actively-exploited-according-microsoft

A print spooler vulnerability PoC was accidently published before MS could patch it - MS recommends turning off Print Spooler in Servers that do not require it, until a patch is released

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," says the company. "An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Clint

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.

billgates

4705 posts

Uber Geek
+1 received by user: 671

Trusted

#2740657 7-Jul-2021 15:22

Long story short, the patch released by MS few hours ago only fixes 1 of 2 ways of exploiting the vulnerability. At this stage disabling incoming remote printer connection, then restarting the print spooler is one method or disable the printer spooler is second method. I would recommend applying the the 1st method followed by 2nd method for good record. Domain controllers do not and should not require any form of printing be it even printing to file type of reports.

Do whatever you want to do man.

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright