PrintNightmare was a critical
security vulnerability affecting the
Microsoft Windows
Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
operating system.
The vulnerability occurred within the
print spooler service.
There were two variants, one permitting
remote code execution (CVE-2021-34527), and the other leading to
privilege escalation (CVE-2021-1675).
A third vulnerability (CVE-2021-34481) was announced July 15, 2021, and upgraded to remote code execution by Microsoft in August.
On July 6, 2021, Microsoft started releasing out-of-band (unscheduled) patches attempting to address the vulnerability.
Due to its severity, Microsoft released patches for
Windows 7, for which support had ended in January 2020.
The patches resulted in some printers ceasing to function.
Researchers have noted that the vulnerability has not been fully addressed by the patches. After the patch is applied, only
administrators account on Windows print server, will be able to install printer drivers, as part of the vulnerability related to the ability of non-administrators to install printer drivers on the system, such as
shared printers on system without sharing password protection.
The organization which discovered the vulnerability, Sangfor, published a
proof of concept in a public
GitHub repository.
Apparently published in error, or as a result of a miscommunication between the researchers and Microsoft, the proof of concept was deleted shortly after.
However, several copies have since appeared online.
See also
*
BlueKeep
*
EternalBlue
References
2021 in computing
Computer security exploits
Windows administration
{{Computer-security-stub