The recommended way to do this is using a Group Policy Object. Additionally, administrators should employ the following best practice from Microsoft’s how-to guides, published January 11, 2021: “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled.
LANSWEEPER PRINT NIGHTMARE UPDATE
(Original post June 30, 2021) The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has released an update for CVE-2021-1675, it is important to realize that this update does not address the public exploits that also identify as CVE-2021-1675.” An attacker can exploit this vulnerability-nicknamed PrintNightmare-to take control of an affected system.ĬISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working. (Updated July 1, 2021) See Microsoft's new guidance for the Print spooler vulnerability (CVE-2021-34527) and apply the necessary workarounds. Enforcement phase enforces the changes to address CVE-2021-1678 by increasing the authorization level.
Similarly, Microsofts seemingly endless stream of problematic updates continues to lead to. Microsofts fix was in two phases, first to add a registry setting to increase the authorization level for remote access to printers and second, to inform admins that 'the release transitions into the enforcement phase on September 14, 2021. (Updated July 2, 2021) For new information and mitigations, see Microsoft's updated guidance for the Print spooler vulnerability (CVE-2021-34527). The PrintNightmare vulnerability continues to cause headaches for Windows users and Microsoft alike.
0 kommentar(er)
