After the CVE-2021-1675 and CVE-2021-34527 updates on Print Spooler issue, some new updates about the PrintNightmare vulnerabilities added today.
- CVE-2021-34527 affects all versions of Windows (including but not limited to DC).
- Successful exploitation requires authentication and results in remote code execution (RCE) and local privilege escalation (LPE) on a vulnerable target.
- To fully remediate risk introduced by CVE-2021-34527, Windows systems administrators must disable Point and Print across their environments. This is an essential step in the remediation process, without which the out-of-band updates are ineffective.
Link:
- https://attackerkb.com/topics/MIHLz4sY3s/cve-2021-34527-printnightmare?referrer=notificationEmail#rapid7-analysis