-
Microsoft: APT28 hackers exploit Windows flaw reported by NSA
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg.
- April 22, 2024
- 01:22 PM
0
-
Microsoft unveils new, more secure Windows Protected Print Mode
Microsoft announced a new Windows Protected Print Mode (WPP), introducing significant security enhancements to the Windows print system.
- December 16, 2023
- 10:20 AM
2
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
CISA warns of attackers now exploiting Windows Print Spooler bug
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler.
- April 19, 2022
- 06:08 PM
- 0
-
How to fix the Windows 0x0000007c network printing error
A Windows security update released in October caused widespread Windows 10 and Windows 11 issues where users experience 0x0000007c errors when adding or printing to network printers. This article describes a fix you can use for the 0x0000007c printing errors.
- November 11, 2021
- 01:54 PM
- 8
-
Microsoft fixes remaining Windows PrintNightmare vulnerabilities
Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities that allowed attackers to gain administrative privileges on Windows devices quickly.
- September 14, 2021
- 04:43 PM
- 3
-
Microsoft confirms another Windows print spooler zero-day bug
Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer.
- August 11, 2021
- 06:10 PM
- 2
-
Microsoft fixes Windows Print Spooler PrintNightmare vulnerability
Microsoft has fixed the PrintNightmare vulnerability in the Windows Print Spooler by requiring users to have administrative privileges when using the Point and Print feature to install printer drivers.
- August 10, 2021
- 01:00 PM
- 1
-
New Windows PrintNightmare zero-days get free unofficial patch
A free unofficial patch has been released to protect Windows users from all new PrintNightmare zero-day vulnerabilities discovered since June.
- August 05, 2021
- 11:19 AM
- 5
-
Remote print server gives anyone Windows admin privileges on a PC
A researcher has created a remote print server allowing any Windows user with limited privileges to gain complete control over a device simply by installing a print driver.
- July 31, 2021
- 02:23 PM
- 1
-
New Windows print spooler zero day exploitable via remote print servers
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature.
- July 18, 2021
- 04:02 PM
- 1
-
Microsoft Defender for Identity now detects PrintNightmare attacks
Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers' attempts to abuse this critical vulnerability.
- July 16, 2021
- 08:56 AM
- 0
-
Microsoft shares guidance on new Windows Print Spooler vulnerability
Microsoft is sharing mitigation guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed tonight.
- July 15, 2021
- 08:49 PM
- 0
-
Windows print nightmare continues with malicious driver packages
Microsoft's print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers.
- July 15, 2021
- 02:57 PM
- 5
-
Microsoft: PrintNightmare security updates work, start patching!
Microsoft says the emergency security updates released at the start of the week correctly patch the PrintNightmare Print Spooler vulnerability for all supported Windows versions and urges users to start applying the updates as soon as possible.
- July 09, 2021
- 02:26 AM
- 17
-
How to mitigate Print Spooler vulnerability on Windows 10
Researchers have revealed that Microsoft's patch is incomplete and attackers can still abuse the vulnerability to gain access to the system. In this guide, we will highlight the steps to disable the Windows Print Spooler service and mitigate the PrintNightmare vulnerability.
- July 07, 2021
- 05:47 PM
- 5
-
Microsoft's incomplete PrintNightmare patch fails to fix vulnerability
Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed.
- July 07, 2021
- 01:56 PM
- 11
-
Microsoft shares mitigations for Windows PrintNightmare zero-day bug
Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare.
- July 02, 2021
- 02:56 AM
- 0
-
CISA: Disable Windows Print Spooler on servers not used for printing
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a notification regarding the critical PrintNightmare zero-day vulnerability and advises admins to disable the Windows Print Spooler service on servers not used for printing.
- July 01, 2021
- 12:09 PM
- 0
-
Public Windows PrintNightmare 0-day exploit allows domain takeover
Technical details and proof-of-concept (PoC) exploit have been accidentally leaked for a currently unpatched vulnerability in Windows that allows remote code execution.
- June 30, 2021
- 01:20 PM
- 1
