Patch only fixes remote exploitation

Patch only fixes remote exploitation

3 years ago
Anonymous $drS9DEX_Sj

https://www.bleepingcomputer.com/news/security/microsoft-pushes-emergency-fix-for-windows-printnightmare-vulnerability/

Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges.

The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM privileges, as it will enable them to install programs, view, change, or delete data, and create new accounts with full user rights.

Last Seen
18 minutes ago
Reputation
0
Spam
0.000
Last Seen
29 minutes ago
Reputation
0
Spam
0.000
Last Seen
23 seconds ago
Reputation
0
Spam
0.000
Last Seen
3 hours ago
Reputation
0
Spam
0.000