Microsoft Issues Security Updates for ‘PrintNightmare’ Vulnerability
On July 6th, Microsoft announced that it’s completed its investigation into a print vulnerability, called “PrintNightmare,” which affects all versions of Windows, and released security updates to address the vulnerability.
Remote Code Execution
Microsoft assigned CVE-2021-34527 to the print-spooler remote code execution vulnerability, and confirmed that the vulnerable code is in all versions of Windows.
PrintNightmare permits an attacker to run arbitrary code with SYSTEM privileges. An attacker who exploits this vulnerability could run arbitrary code with SYSTEM privileges, and could then install programs; view, change, or delete data; or create new accounts with full user rights.
Microsoft is urging users to visit the Security Updates table here for the applicable update for their system, and recommends users install these updates immediately.
For more information, visit Microsoft here.