NIST's guidance for a Zero Trust Architecture

Recent AD News

Another zero-day vulnerability confirmed by Microsoft

Zero-Day vulnerability

This vulnerability, present in the Windows Print Spooler service, allows local attackers to get access to system privileges.

Microsoft has confirmed another Windows Print Spooler vulnerability, that is being tracked as CVE-2021-36958. This vulnerability, which is a part of the PrintNightmare set of vulnerabilities, allows the local attackers to gain access to system privileges.

Microsoft released an advisory for the vulnerability, saying that there exists a remote code execution vulnerability when the Windows Print Spooler service does not properly perform privileged file operations.

“An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the advisory says.

Microsoft says that the current workaround for this zero-day vulnerability is to disable the Print Spooler service. Disabling the service was a workaround also to another PrintNightmare vulnerability.

Earlier in March, Microsoft had disclosed a set of 0-day vulnerabilities called Proxylogon vulnerabilities in its on-premise Exchange servers. One of the flaws allowed attackers to bypass the authentication mechanism to gain access to resources in the servers. ManageEngine has a webinar that speaks about preventing and mitigating such 0-day vulnerability exploits. You can watch the webinar recording here.

Related posts
Recent AD News

650+ compromised credentials found to be in use within NEW Cooperative-the latest organization hit by ransomware

Recent AD News

CISA, FBI, and NSA anticipate a rise in Conti ransomware attacks, issue joint cybersecurity advisory

Recent AD News

Azure security flaw puts Zero-Trust in the spotlight

Recent AD News

Attackers use stolen credentials to intrude into the UN network

Leave a Reply

Your email address will not be published. Required fields are marked *