[SANS ISC] Microsoft Releases Patches for CVE-2021-34527 (Wed, Jul 7th)

Microsoft today released patches for CVE-2021-34527, the vulnerability also known as “PrintNightmare”. Patches are currently available for these versions of Windows:

Windows 10 Version 21H1 (32-bit, x64, ARM64)
Windows 10 Version 2004 (32-bit, x64, ARM64)
Windows 10 Version 1909 (32-bit, x64, ARM64)
Windows 10 Version 1809 (32-bit, x64, ARM64)
Windows 10 (32-bit and x64)
Windows RT 8.1
Windows 8.1 (32-bit and x64)
Windows 7 SP1 (32-bit and x64)
Windows Server, version 20H2 (ARM, 32-bit, x64, Server Core)
Windows Server, version 2004 (ARM, 32-bit, x64, Server Core)
Windows Server 2019 (including Server Core)
Windows Server 2012 R2 (including Server Core)
Windows Server 2008 R2 SP1 and SP2

Patches for other versions will follow shortly. This affects Windows 10 version 1607, Windows Server 2016, and Windows Server 2012. Please apply the patches as soon as they are released.

Applying the update will also patch the older CVE-2021-1675 vulnerability.

For details, see Microsoft’s updated advisory:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527


Johannes B. Ullrich, Ph.D., Dean of Research, SANS.edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
