Windows

Microsoft releases the patch to cover the Print Nightmare vulnerability for all versions of Windows starting from Windows 7

2024
Microsoft releases the patch to cover the Print Nightmare vulnerability for all versions of Windows starting from Windows 7

Table of contents:

Anonim

A week ago we saw how Microsoft-based computers from Windows 7 suffer from a localized vulnerability in the Print Queue service. A security breach that allowed code to be executed remotely and for which now Microsoft has published the corresponding patch

Microsoft has released an emergency security update that arrives with the KB5004948 patch and that arrives for all versions, and there are quite a few, of Windows affected by this problem.Until Windows 7, no longer supported, has received the security patch

For all versions of Windows

Microsoft has released patch KB5004945 to fix the Windows Print Spooler Print Nightmare vulnerability in newer versions of Windows 10 along with patch KB5004946, KB500497, KB5004948, KB5004959, KB5004960, and KB5004951 for other versions of Windows that are also affected by the problem

  • Windows 10 Version 21H1 (KB5004945)
  • Windows 10 Version 20H1 (KB5004945)
  • Windows 10 Version 2004 (KB5004945)
  • Windows 10 Version 1909 (KB5004946)
  • Windows 10 Version 1809 and Windows Server 2019 (KB5004947)
  • Windows 10 Version 1803 (KB5004949)
  • Windows 10, version 1607 and Windows Server 2016 (KB5004948)
  • Windows 10 Version 1507 (KB5004950)
  • Windows Server 2012 (Monthly Rollup KB5004956 / Security Only KB5004960)
  • Windows 8.1 and Windows Server 2012 R2 (Monthly Rollup KB5004954 / Security Only KB5004958)
  • Windows 7 SP1 and Windows Server 2008 R2 SP1 (Monthly Rollup KB5004953 / Security Only KB5004951)
  • Windows Server 2008 SP2 (Monthly Rollup KB5004955 / Security Only KB5004959)

"In the Windows Message Center, Microsoft states that an update has been released for all affected versions of Windows that are still in support."

The Print Nightmare vulnerability, with the key, CVE-2021-34527, is a threat classified as critical and is caused by the fact that the Print Spooler Service does not restrict access to the function RpcAddPrinterDriverEx, something that can allow a remotely authenticated malicious attacker to remotely execute code on your computer.

The problem is that this patch appears to be incomplete, as security researchers discover that even with the patch, it can be achieved both remote code execution and local privilege gain.

In this sense, and as reported by Bleeping Computer, small unofficial and free patches have been published on the 0patch blog that do fix the problem caused by PrintNightmareand that can successfully block attempts to exploit the vulnerability.

"

In this sense, and if you do not have any of these patches installed, it is advisable to follow the recommendations that we already saw at the time and that go through deactivating the Print Queue service if we do not have a printer or if we have a printer, go to Edit group policies, select Computer Configuration, then click on Administrative Templates, select Printers>Allow the print spooler to accept client connections "

Via | Bleeping Computer

Windows

Editor's choice

Is HTC losing interest in Windows Phone?

Is HTC losing interest in Windows Phone?

2024
Samsung Ativ Q

Samsung Ativ Q

2024
Images of what could be the new Nokia Lumia EOS

Images of what could be the new Nokia Lumia EOS

2024
Build 2013 devices: waiting for manufacturers

Build 2013 devices: waiting for manufacturers

2024
Back to top button