Site icon TechNewsBoy.com

Microsoft issues update with partial fix for Windows PrintNightmare exploit

Scott Marlette


Almost a week after Microsoft issued a warning about a new Windows security vulnerability dubbed ‘PrintNightmare,’ the company has released an emergency patch to protect users.

PrintNightmare leverages vulnerabilities in the Windows Print Spooler service, software installed on all versions of Windows that helps handle printing jobs. Microsoft issued the warning after researchers accidentally published details about the vulnerability — the researchers mistook it for a different Print Spooler flaw that Microsoft had patched.

The PrintNightmare security flaw could allow attackers to remotely execute code on a Windows device with system-level privileges. The vulnerability includes two issues — a remote code execution and a local privilege escalation. The former refers to the ability for an attacker to execute commands on a system remotely. The latter refers to exploiting a bug, flaw or other issue to escalate an app’s privilege (i.e., from a ‘user’ to an ‘admin’).

Bleeping Computer notes that Microsoft’s ‘KB5004945’ emergency security update partially fixes PrintNightmare. According to the publication, Microsoft’s patch fixes the remote exploit, but the vulnerability could still be exploited locally to gain system privileges.

The security patch is available for the following Windows versions (note that some have different update versions, specified below):

  • Windows 10 versions 21H1, 20H1, 2004 (KB5004945)
  • Windows 10 version 1909 (KB5004946)
  • Windows 10 version 1809 and Windows Server 2019 (KB5004947)
  • Windows 10, version 1803 (KB5004949) [Not available yet]
  • Windows 10, version 1507 (KB5004950)
  • Windows 8.1 and Windows Server 2012 (Monthly Rollup KB5004954 / Security only KB5004958)
  • Windows 7 SP1 and Windows Server 2008 R2 SP1 (Monthly Rollup KB5004953 / Security only KB5004951)
  • Windows Server 2008 SP2 (Monthly Rollup KB5004955 / Security only KB5004959)

For most Windows users, getting the update will be as simple as opening the Settings app > Update & Security > Windows Update and clicking the ‘Check for updates’ button. Keep an eye out for an update ‘Cumulative Update’ with version number ‘KB5004945’ (or one of the other ones if you’re running an older version of Windows).

Source: Bleeping Computer

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here
Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version