PoC for PrintNightmare RCE Bug Published on Github, No Effective Patch Available
Chinese hacking group is targeting Afghan government, Israeli detective detained in a hacker-for-hire scheme, Some Netgear router models contain a serious flaw, Babuk builder uploaded to VT, more
We’ve got some exclusive content coming up for our premium subscribers, so please consider supporting Metacurity with a premium subscription today!
Proof-of-concept exploit code was published on Github for a vulnerability in the Windows Print Spooler service that can allow a total compromise of Windows systems. Microsoft initially issued a patch for the flaw, tracked as CVE-2021-1675 and called PrintNightmare, in June which it considered at the time to be a low-level privilege escalation bug. However, Microsoft later updated the bug’s description to classify it as a remote code execution (RCE) issue that somebody could remotely exploit to allow attackers to take complete control of unpatched Windows systems.
Three analysts from Chinese security firm Sangfor published the PoC and then pulled it from the code repository, but not before others cloned the exploit. Microsoft’s patch does not appear to work on the flaw because it seems that the Microsoft patch for CVE-2021-1675 only patche…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.