Last week a BOC Alert was sent to our clients warning of the Windows Print spooler service vulnerability, PrintNightmare. Microsoft has released patches for several versions of Windows.
It is highly recommended that these updates be installed as soon as possible. You can find the updates for systems under “Security Updates” at the link below. Please be advised that this patch is not yet available for all versions of Windows and Server. Be sure to check the published Microsoft documentation when searching for patches for your system.
Microsoft will continue to post updates at the following: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
Previous BOC Alert – July 1st, 2021
CISA released an alert yesterday warning of a critical Windows Print spooler service vulnerability called PrintNightmare. Microsoft has released an update for CVE-2021-1675, but this update does not remediate the public exploits by the same name. This vulnerability can lead to an attacker to take control of an affected system.
Organizations are encouraged to disable the Windows Print spooler service in domain controllers and Active Directory admin systems that do not print. Microsoft also released a best practice guide that outlines what risks the Print spooler service on domain controllers can introduce.