Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

PrintNightmare

From Wikipedia, the free encyclopedia
Security vulnerability in Microsoft Windows

PrintNightmare
CVE identifier(s)CVE-2021-1675
CVE-2021-34527
CVE-2021-34481
Date discoveredJune 29, 2021; 3 years ago (2021-06-29)
Date patchedJuly 6, 2021; 3 years ago (2021-07-06)[1]
DiscovererSangfor[2][3]
Affected softwareMicrosoft Windows 7, 8, 8.1, 10, 11
Microsoft Windows Server 2008, 2012, 2012 R2, 2016, 2019, 2022[4]

PrintNightmare is a criticalsecurity vulnerability affecting theMicrosoft Windows operating system.[2][5] The vulnerability occurred within theprint spooler service.[6][7] There were two variants, one permittingremote code execution (CVE-2021-34527), and the other leading toprivilege escalation (CVE-2021-1675).[7][8] A third vulnerability (CVE-2021-34481) was announced July 15, 2021, and upgraded to remote code execution by Microsoft in August.[9][10]

On July 6, 2021, Microsoft started releasing out-of-band (unscheduled) patches attempting to address the vulnerability.[11] Due to its severity, Microsoft released patches forWindows 7, for which support had ended in January 2020.[11][12] The patches resulted in some printers ceasing to function.[13][14] Researchers have noted that the vulnerability has not been fully addressed by the patches.[15] After the patch is applied, onlyadministrator accounts on Windows print server will be able to install printer drivers.[16] Part of the vulnerability related to the ability of non-administrators to install printer drivers on the system, such asshared printers on system without sharing password protection.[16]

The organization which discovered the vulnerability, Sangfor, published aproof of concept in a publicGitHub repository.[3][17] Apparently published in error, or as a result of a miscommunication between the researchers and Microsoft, the proof of concept was deleted shortly after.[3][18] However, several copies have since appeared online.[3]

See also

[edit]

References

[edit]
  1. ^"July 6, 2021—KB5004945 (OS Builds 19041.1083, 19042.1083, and 19043.1083) Out-of-band".Microsoft Support. Microsoft Corporation.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  2. ^abValinsky, Jordan (July 9, 2021)."Microsoft issues urgent security warning: Update your PC immediately".CNN Business.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  3. ^abcdCorfield, Gareth (June 30, 2021)."Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller".The Register.Archived from the original on July 8, 2021. RetrievedJuly 11, 2021.
  4. ^"Security Update Guide - Microsoft Security Response Center".msrc.microsoft.com. RetrievedJune 17, 2024.
  5. ^"Microsoft fixes critical PrintNightmare bug".BBC News. July 7, 2021.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  6. ^Winder, Davey (July 2, 2021)."New Critical Security Warning Issued For All Windows Versions As 'PrintNightmare' Confirmed".Forbes.Archived from the original on July 11, 2021. RetrievedJuly 11, 2021.
  7. ^ab"Security Update Guide - Microsoft Security Response Center".msrc.microsoft.com. Microsoft Corporation.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  8. ^"Microsoft Releases Out-of-Band Security Updates for PrintNightmare".US-CERT. Cybersecurity and Infrastructure Security Agency. July 6, 2021.Archived from the original on July 7, 2021. RetrievedJuly 11, 2021.
  9. ^"More PrintNightmare: 'We TOLD you not to turn the Print Spooler back on!'".Naked Security. July 16, 2021. RetrievedSeptember 7, 2021.
  10. ^"Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34481".msrc.microsoft.com. RetrievedSeptember 7, 2021.
  11. ^ab"Out-of-Band (OOB) Security Update available for CVE-2021-34527 – Microsoft Security Response Center".Microsoft Security Response Center. Microsoft Corporation.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  12. ^Sharwood, Simon (July 7, 2021)."Microsoft patches PrintNightmare – even on Windows 7 – but the terror isn't over".The Register.Archived from the original on July 8, 2021. RetrievedJuly 11, 2021.
  13. ^Smith, Adam (July 9, 2021)."Microsoft fixes huge security bug – and breaks people's printers".The Independent.Archived from the original on July 9, 2021. RetrievedJuly 11, 2021.
  14. ^Lawler, Richard (July 8, 2021)."The Windows update to fix 'PrintNightmare' made some printers stop working".The Verge. Vox Media.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  15. ^Goodin, Dan (July 8, 2021)."Microsoft Keeps Failing to Patch the Critical 'PrintNightmare' Bug".Wired. Condé Nast.Archived from the original on July 10, 2021. RetrievedJuly 11, 2021.
  16. ^abMackie, Kurt (July 9, 2021)."Microsoft Clarifies Its 'PrintNightmare' Patch Advice -- Redmondmag.com".Redmondmag. 1105 Media Inc. RetrievedJuly 11, 2021.
  17. ^Constantin, Lucian (July 8, 2021)."PrintNightmare Vulnerability Explained: Exploits, Patches, and Workarounds".ARN. IDG Communications.Archived from the original on July 8, 2021. RetrievedJuly 11, 2021.
  18. ^Warren, Tom (July 2, 2021)."Microsoft warns of Windows "PrintNightmare" vulnerability that's being actively exploited".The Verge. Vox Media.Archived from the original on July 9, 2021. RetrievedJuly 11, 2021.
Hacking in the 2020s
← 2010sTimeline2030s →
Major incidents
2020
2021
2022
2023
2024
Groups
Individuals
Majorvulnerabilities
publiclydisclosed
Malware
2020
2021
2022
Portal:


Stub icon

Thiscomputer security article is astub. You can help Wikipedia byexpanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=PrintNightmare&oldid=1233672218"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2025 Movatter.jp