![]() ![]() ![]() Unfortunately, ransomware gangs, like Vice Society, Magniber, and Conti, started to use the bug in order to gain privileges on the compromised devices. Once the DLL was launched by the exploit, a console Window where all commands are executed with SYSTEM privileges would be opened. The vulnerability discovered by Delpy was able to abuse the CopyFiles directive in order to copy and execute malicious DLL using SYSTEM privileges when a user installed a remote printer. Regardless of the fact that Microsoft published two security patches to address different PrintNightmare flaws, another vulnerability publicly disclosed by security researcher Benjamin Delpy still enabled threat actors to swiftly obtain SYSTEM access by connecting to a remote print server. This flaw makes use of the Windows Point and Print functionality in order to allow remote code execution and the acquisition of local SYSTEM privileges. Microsoft recently released a security update to fix the PrintNightmare zero-day vulnerabilities that allowed attackers to gain administrative privileges on Windows devices.Ī zero-day Windows print spooler vulnerability called PrintNightmare ( CVE-2021-34527) was accidentally disclosed. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |