Sadly, the harmful PrintNightmare exploit that impacts a number of variations of the Home windows working system continues to be a critical risk, even after Microsoft launched a patch that in keeping with the corporate solved the issue.
Nothing might be farther from the reality, since though it blocks one type of assault, this exploit affords one other avenue of assault for cybercriminals.
The PrintNightmare exploit has two components that can be utilized by attackers:
- Distant Code Execution (RCE)
- Native Privilege Escalation (LPE)
The patch launched a couple of days in the past by Microsoft, blocks the primary type of RCE assault, not the second.
In response to a report from Betanews, the pc safety researcher Will DormannAfter putting in the Microsoft safety patch and testing it, he found that the patch labored midway, since though it solves the Distant Code Execution, it doesn’t work with the opposite assault route (RCE), as indicated within the following tweet.
And primarily based on testing of the primary VM of mine that accomplished the set up of the replace (Home windows 8.1), it appears like it really works towards each the SMB and the RPC variants within the @cube0x0 github repo. I do not suppose that LPE is mounted, although. @hackerfantastic ‘s PoC nonetheless works.
— Will Dormann (@wdormann) July 6, 2021
As well as the researcher Benjamin Delpy public video from a system that has the Microsoft launched patch put in, which continues to be susceptible to the Nightmare exploit:
Coping with strings & filenames is tough😉
New perform in #mimikatz 🥝to normalize filenames (bypassing checks by utilizing UNC as a substitute of servershare format)
So a RCE (and LPE) with #printnightmare on a totally patched server, with Level & Print enabled
– 🥝 Benjamin Delpy (@gentilkiwi) July 7, 2021
So it solely stays to attend for Microsoft to publish a brand new patch once more and hope that it really works!
Observe us on Twitter via Pureblogbd and don’t miss all of the information, free programs and different articles. You may as well observe us via our Youtube channel to see our movies and thru Instagram to see our pictures!