"PrintNightmare" Windows Print Spooler vulnerability being actively exploited

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › IT Pro and developers › "PrintNightmare" Windows Print Spooler vulnerability being actively exploited

clinty

1183 posts

Uber Geek

Lifetime subscriber

#288491 3-Jul-2021 15:36

not only the Kaseya attack to worry about this weekend

https://www.windowscentral.com/windows-printnightmare-vulnerability-being-actively-exploited-according-microsoft

A print spooler vulnerability PoC was accidently published before MS could patch it - MS recommends turning off Print Spooler in Servers that do not require it, until a patch is released

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," says the company. "An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Clint

This is a filtered page: currently showing replies marked as answers. Click here to see full discussion.

billgates

4705 posts

Uber Geek

Trusted

#2740657 7-Jul-2021 15:22

Long story short, the patch released by MS few hours ago only fixes 1 of 2 ways of exploiting the vulnerability. At this stage disabling incoming remote printer connection, then restarting the print spooler is one method or disable the printer spooler is second method. I would recommend applying the the 1st method followed by 2nd method for good record. Domain controllers do not and should not require any form of printing be it even printing to file type of reports.

Do whatever you want to do man.

News and reviews »

Gen Threat Report Reveals Rise in Crypto, Sextortion and Tech Support Scams
Posted 7-Aug-2025 13:09

Logitech G and McLaren Racing Sign New, Expanded Multi-Year Partnership
Posted 7-Aug-2025 13:00

A Third of New Zealanders Fall for Online Scams Says Trend Micro
Posted 7-Aug-2025 12:43

OPPO Releases Its Most Stylish and Compact Smartwatch Yet, the Watch X2 Mini.
Posted 7-Aug-2025 12:37

Epson Launches New High-End EH-LS9000B Home Theatre Laser Projector
Posted 7-Aug-2025 12:34

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Affiliate links: Samsung; AliExpress; Wise; Sharesies; GoodSync

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright