'PrintNightmare' Threat Targets Windows Domain Servers

By Samantha Cordell | July 8, 2021


Microsoft has released an emergency security update, KB5004945, to block exploitation of the zero-day vulnerability known as PrintNightmare.

Tracked as CVE-2021-34527, with a rating of 8.8 out of a possible 10 on the Common Vulnerability Scoring System, this remote code execution bug in the Windows Print Spooler service is being actively exploited and impacts all versions of Windows.

 

Details of the threat

Despite the need for authentication, the severity of the issue is critical as unnamed threat actors can use it to take over a Windows domain server to easily deploy malware across an organisation’s network.

The bug allows attackers to take over affected servers via remote code execution with SYSTEM privileges, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

 

What does this mean for your business?

If malware is deployed in an organisation's network, it can immediately disrupt digital operations, corrupt critical operating systems, expose sensitive internal and client data, or freeze all access to your systems and data until a ransom payment is made. The financial and reputational damage caused by these malicious threats can often be irreversible for organisations.

 

Immediate recommendation

While Microsoft suggested that users disable the Windows Print Spooler service to prevent exploitation of PrintNightmare, we strongly recommend that all businesses work with their trusted IT partners to patch their systems with this update immediately. 

Please note that all supported Windows versions need updating.
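
As an added example (not part of the original article and not Diamond IT's own tooling), the PowerShell below reports whether a host has the Print Spooler service disabled or the KB5004945 update installed. The function name `Get-PrintNightmareStatus` and the `NeedsReview` field are hypothetical, and the KB list is an assumption to extend for Windows builds that receive the fix under a different KB number.

```powershell
# Added example: audit one Windows host for the two mitigations named above.
# Run locally in an elevated PowerShell session on the host being checked.

# KB number taken from this article. Assumption: other Windows builds may
# receive the fix under a different KB, and later cumulative updates include
# it too, so extend this list for your environment.
$FixKbs = @('KB5004945')

function Get-PrintNightmareStatus {
    [CmdletBinding()]
    param([string[]]$KbIds = $FixKbs)

    # Print Spooler service: State is Running/Stopped, StartMode is Auto/Manual/Disabled
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"

    # DomainRole 4 or 5 means the host is a domain controller
    $cs   = Get-CimInstance -ClassName Win32_ComputerSystem
    $isDc = $cs.DomainRole -ge 4

    # Installed updates whose ID matches one of the fix KBs
    $installed = @(Get-HotFix | Where-Object { $KbIds -contains $_.HotFixID })
    $patched   = $installed.Count -gt 0

    # The workaround counts only if the service is stopped AND cannot restart
    $spoolerOff = ($null -eq $svc) -or
                  ($svc.StartMode -eq 'Disabled' -and $svc.State -ne 'Running')

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        DomainController = $isDc
        SpoolerState     = if ($svc) { $svc.State } else { 'NotPresent' }
        SpoolerStartMode = if ($svc) { $svc.StartMode } else { 'NotPresent' }
        FixInstalled     = $patched
        InstalledKbs     = ($installed.HotFixID -join ',')
        # True when neither the patch nor the workaround was detected
        NeedsReview      = -not ($patched -or $spoolerOff)
    }
}

Get-PrintNightmareStatus | Format-List

# Interim workaround if patching must wait (this stops all printing on the host):
#   Stop-Service -Name Spooler -Force
#   Set-Service  -Name Spooler -StartupType Disabled
```

Hosts reporting `DomainController = True` together with `NeedsReview = True` are the ones to prioritise, since the article singles out domain servers as the main target.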

 

A notification to our customers

Remediation steps and patching for all vulnerable Diamond IT Managed Services customers have commenced, and no further action is required at this time.

For any further questions around the recent patching, please contact your Business Technology Manager.

 

What is 'Patching'?

Patching is a term used for describing the process of distributing updates to software, correcting vulnerabilities and improving user experience, performance and security. Patches are written by software vendors to repair bugs and improve stability. 

In conjunction with a strong cybersecurity strategy, patching is a crucial tool to keep your systems secure. Without updates, your system will quickly become vulnerable to security threats.

 

How Diamond IT can support your security

Diamond IT provides regular patch management for our Managed Services customers to ensure your infrastructure is up-to-date and free of bugs and security risks. Our systems also allow us to implement one-off fixes when necessary in response to major security threats.

If you need advice on how you can ensure your cybersecurity strategy is fit for purpose, or if you'd like more information on Diamond IT's patch management system, our team of cybersecurity experts is ready to help. Contact our team on 1300 307 907 today.

 


About Samantha Cordell

It is not surprising that our Head of Marketing, Samantha (Sam) has spent most of her (nearly) 30-year career in the IT industry. Sam studied a combination of computer science and marketing at the University of New England. Her dynamic, energetic and pragmatic style lends itself perfectly to tech. With a background working with major players such as Microsoft, Intel and Cisco Systems, Sam is energised by driving meaningful marketing outcomes for industry leaders.