Print Nightmare - Windows Print Spooler Vulnerability
7/07/2021

Microsoft released an update for a print spooler vulnerability as part of June Patch Tuesday tracking it under CVE-2021- 1675. On June 29, 2021, PoC exploit for another critical remote code execution (RCE) vulnerability in print spooler had been posted by security researchers. US CERT has raised an alert for this bug that has been named PrintNightmare.

OVERVIEW

▪ Microsoft released an update for a print spooler vulnerability as part of June Patch Tuesday tracking it under CVE-2021-1675.

▪ When it was originally disclosed in June, it was described as a low severity elevation of privilege vulnerability (EOP) which was later updated on June 21 to indicate a critical severity and the potential for RCE.

▪ On June 29, 2021, as PoC exploit for another print spooler vulnerability had been posted by security researchers. It was observed, that the newly-disclosed Print Spooler bug by security researchers wasn’t actually the same security hole that was fixed on Patch Tuesday (CVE-2021-1675).

▪ Since the update published by Microsoft in June does not address the exploits and a new patch from Microsoft is expected in the near future.

▪ Therefore, US CERT has raised an alert for this critical remote code execution (RCE) vulnerability in the Windows Print Spooler that has been named PrintNightmare, not addressed by the Microsoft Patch Tuesday update for CVE-2021-1675.

Sign Up Here for Download