1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft's emergency PrintNightmare patch doesn't actually fix the is

    From TechnologyDaily@1337:1/100 to All on Thu Jul 8 15:00:04 2021
    Microsoft's emergency PrintNightmare patch doesn't actually fix the issue at all

    Date:
    Thu, 08 Jul 2021 13:43:19 +0000

    Description:
    Security researchers have demonstrated a flaw in Microsofts patch to bypass
    it completely.

    FULL STORY ======================================================================

    Cybersecurity researchers had expressed doubts about the efficacy of Microsofts recent PrintNightmare patch soon after it was released, and now there are reports of new proof-of-exploit code that circumvents the fix altogether.

    PrintNightmare created havoc when it was accidentally disclosed by Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched by Microsoft, which pushed the company to put out a new patch to address the remote code exploitation (RCE) vulnerability as well.

    While security expert Kevin Beaumont believed the new patch didnt plug the local privilege escalation (LPE) vulnerability in certain editions of Windows such as Windows Server 2012 R2 , a new video by another researcher now demonstrates that both RCE and LPE vulnerabilities are still exploitable. Heres our recommendations for the best small business printers We've put together a list of the best endpoint protection software Check our list of
    the best firewall apps and services Patch the patch

    Reporting on the findings of Benjamin Delpy, creator of popular post exploitation tool Mimikatz, The Register says that its how Microsoft checks for remote libraries in the PrintNightmare patch that offers an opportunity
    to work around the patch.

    "They did not test it for real," Delpy bluntly told The Register , reportedly describing the issue as weird from Microsoft.

    Microsoft however insists that while they are aware of the claims of the security researchers, and are testing them, they arent aware of any bypasses, avoiding answering The Registers questions related to Delpys finding.

    "If our investigation identifies additional issues, we will take action as needed to help protect customers," a Microsoft spokesperson told The Register . Protect your devices with these best antivirus software



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsofts-emergency-printnightmare-patch-doesn t-actually-fix-the-issue-at-all/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)