{"id":45644,"date":"2021-07-07T18:10:37","date_gmt":"2021-07-07T22:10:37","guid":{"rendered":"http:\/\/pappp.net\/?guid=0da86012464d5e16a60bf9d965cd9268"},"modified":"2021-07-07T18:10:37","modified_gmt":"2021-07-07T22:10:37","slug":"microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability","status":"publish","type":"post","link":"https:\/\/pappp.net\/?p=45644","title":{"rendered":"Microsoft\u2019s emergency patch fails to fix critical \u201cPrintNightmare\u201d vulnerability"},"content":{"rendered":"<p class=\"syndicated-attribution\">Source: <a href=\"https:\/\/arstechnica.com\/?p=1778734\">Ars Technica<\/a><\/p>\n<div style=\"background-color : #fff7d5;\n\t\t\tborder-width : 1px; padding : 5px; border-style : dashed; border-color : #e7d796;margin-bottom : 1em; color : #9a8c59;\">Article note: The \"cybersecurity\" landscape at the moment is really pretty ghastly.\nIt's been a while since Microsoft shit the bed this hard. \nNow all we need is a worm that uses the RCE with a ransomware payload to bring \"old computer suck\" and \"modern computer suck\" together.<\/div><div>\n<figure><img src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/04\/GettyImages_SkullCrossbonesBinaryComputerScreen-CROPPED-800x472.jpeg\" alt=\"Skull and crossbones in binary code\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><p><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/04\/GettyImages_SkullCrossbonesBinaryComputerScreen-CROPPED.jpeg\" rel=\"noopener noreferrer\">Enlarge<\/a> (credit: <a rel=\"noopener noreferrer\" href=\"https:\/\/www.gettyimages.com\/\">Getty Images<\/a>)<\/p>  <\/figure><div><a name=\"page-1\"><\/a><\/div>\n<p>An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice, researchers said.<\/p>\n<p>The threat, colloquially known as PrintNightmare, stems from bugs in the Windows print spooler, which provides printing functionality inside local networks. Proof-of-concept exploit code was publicly released and then pulled back, but not before others had copied it. Researchers track the vulnerability as CVE-2021-34527.<\/p>\n<h2>A big deal<\/h2>\n<p>Attackers can exploit it remotely when print capabilities are exposed to the Internet. Attackers can also use it to escalate system privileges once they&rsquo;ve used a different vulnerability to gain a toe-hold inside of a vulnerable network. In either case, the adversaries can then gain control of the domain controller, which as the server that authenticates local users, is one of the most security-sensitive assets on any Windows network.<\/p><\/div><p><a href=\"https:\/\/arstechnica.com\/?p=1778734#p3\" rel=\"noopener noreferrer\">Read 12 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=1778734&amp;comments=1\" rel=\"noopener noreferrer\">Comments<\/a><\/p><div>\n<a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=nq107UF-O60:1Fxaw7-HFbc:V_sGLiPBpWU\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=nq107UF-O60:1Fxaw7-HFbc:V_sGLiPBpWU\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=nq107UF-O60:1Fxaw7-HFbc:F7zBnMyn0Lo\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?i=nq107UF-O60:1Fxaw7-HFbc:F7zBnMyn0Lo\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=nq107UF-O60:1Fxaw7-HFbc:qj6IDK7rITs\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=qj6IDK7rITs\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a> <a href=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?a=nq107UF-O60:1Fxaw7-HFbc:yIl2AUoC8zA\" rel=\"noopener noreferrer\"><img src=\"http:\/\/feeds.feedburner.com\/~ff\/arstechnica\/index?d=yIl2AUoC8zA\" border=\"0\" referrerpolicy=\"no-referrer\" loading=\"lazy\"\/><\/a>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: Getty Images)<br \/>\nAn emergency patch Microsoft issued on Tuesday fails to fully fix &#8230;<\/p>\n<p> <a href=\"https:\/\/pappp.net\/?p=45644\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[226],"tags":[],"class_list":["post-45644","post","type-post","status-publish","format-standard","hentry","category-news-2"],"_links":{"self":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/45644","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=45644"}],"version-history":[{"count":0,"href":"https:\/\/pappp.net\/index.php?rest_route=\/wp\/v2\/posts\/45644\/revisions"}],"wp:attachment":[{"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=45644"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=45644"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pappp.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=45644"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}