PrintNightmare
| CVE identifiers | CVE-2021-1675 CVE-2021-34527 CVE-2021-34481 |
|---|---|
| Date discovered | June 29, 2021 |
| Date patched | July 6, 2021[1] |
| Discoverer | Sangfor[2][3] |
| Affected software | Microsoft Windows 7, 8, 8.1, 10, 11 Microsoft Windows Server 2008, 2012, 2012 R2, 2016, 2019, 2022[4] |
PrintNightmare is a critical security vulnerability affecting the Microsoft Windows operating system.[2][5] The vulnerability occurred within the print spooler service.[6][7] There were two variants, one permitting remote code execution (CVE-2021-34527), and the other leading to privilege escalation (CVE-2021-1675).[7][8] A third vulnerability (CVE-2021-34481) was announced July 15, 2021, and upgraded to remote code execution by Microsoft in August.[9][10]
On July 6, 2021, Microsoft started releasing out-of-band (unscheduled) patches attempting to address the vulnerability.[11] Due to its severity, Microsoft released patches for Windows 7, for which support had ended in January 2020.[11][12] The patches resulted in some printers ceasing to function.[13][14] Researchers have noted that the vulnerability has not been fully addressed by the patches.[15] After the patch is applied, only administrator accounts on Windows print server will be able to install printer drivers.[16] Part of the vulnerability related to the ability of non-administrators to install printer drivers on the system, such as shared printers on system without sharing password protection.[16]
The organization which discovered the vulnerability, Sangfor, published a proof of concept in a public GitHub repository.[3][17] Apparently published in error, or as a result of a miscommunication between the researchers and Microsoft, the proof of concept was deleted shortly after.[3][18] However, several copies have since appeared online.[3]
See also
[edit | edit source]References
[edit | edit source]- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b c d Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ a b Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
- ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
Lua error in mw.title.lua at line 392: bad argument #2 to 'title.new' (unrecognized namespace name 'Portal').
