Out-Of-Band Security Update For Windows Print Spooler Remote Code Execution Vulnerability

Corrine

Corrine

Administrator,
Microsoft MVP,
Security Analyst
Staff member
Joined
Feb 22, 2012
Posts
12,391
Location
Upstate, NY
Microsoft released an out-of-band update to address CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability for Windows 10 Versions 21H1, 20H2, 2004, 1909, 1809, 1803, 1507, and Windows 8.1

Although at the time of this posting, the KB Articles are not accessible yet, the Windows versions and assigned KB Articles are as follows:
Update: To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area. To get the standalone package, go to the Microsoft Update Catalog website.

Update history for Windows 10
 
Last edited:
MSRC information at Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability:

Quote
On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible.

CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability.

Following the out of band release (OOB) we investigated claims regarding the effectiveness of the security update and questions around the suggested mitigations.

Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.
Click to expand...


Additional information is in the referenced blog post.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top