Microsoft attempts to fix print security issue
announced that it’s completed its investigation into a print vulnerability, called
“PrintNightmare,” which affects all versions of Windows, and released security updates to address the vulnerability.
- assigned CVE-2021-34527 to the print-spooler remote code execution vulnerability, and confirmed that the vulnerable code is in all versions of Windows.
- permits an attacker to run arbitrary code with SYSTEM privileges
- hacker who exploits this vulnerability could run arbitrary code with SYSTEM privileges, and could then install programs; view, change, or delete data; or create new accounts with full user rights.
- Microsoft is urging users to visit the Security Updates table here for the applicable update for their system, and recommends users install these updates immediately.
- As if an actively exploited critical flaw in the Windows Print Spooler that can allow someone to take over your computer remotely isn’t bad enough, some people who installed Microsoft’s security patch found out that the connection to their printer stopped working. In a near-repeat of a problem that occurred this spring with a different Windows 10 security update, system admins discovered that many PCs suddenly couldn’t connect to printers — most notably several models of Zebra label printers — after installing the
KB5004945 patch.
- Microsoft has acknowledged the problem as a known issue that can be solved by rolling back the patch or reinstalling the printer as an administrator.
- In a statement to The Sports Grind Entertainment, Zebra acknowledged the problem and said Microsoft plans to release an updated patch in the next couple of days that should address the issue.