Microsoft has released the emergency KB5004945 security update to block exploitation of the zero-day vulnerability known as PrintNightmare.
Tracked as CVE-2021-34527, with a rating of 8.8 out of a possible 10 on the Common Vulnerability Scoring System, this remote code execution bug in the Windows Print Spooler service is being actively exploited and impacts all versions of Windows.
Despite the need for authentication, the severity of the issue is critical as unnamed threat actors can use it to take over a Windows domain server to easily deploy malware across an organisation’s network.
The bug allows the attackers to take over affected servers via remote code execution with SYSTEM privileges, enabling the installation of programs, and access to view, change, or delete data, or create new accounts with full user rights.
If malware is deployed in an organisation's network, it can immediately disrupt digital operations, corrupt critical operating systems, expose sensitive internal and client data, or freeze all access to your systems and data until a ransom payment is made. The financial and reputational damage caused by these malicious threats can often be irreversible for organisations.
While Microsoft suggested that users disable the Windows Print Spooler service to prevent exploitation of PrintNightmare, we strongly recommend that all businesses work with their trusted IT partners to patch their systems with this update immediately.
Please note that all supported Windows versions need updating.
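The check below is an added example, not part of this notice or of Microsoft's tooling: it reports whether the Print Spooler service can run on a host and whether KB5004945 appears in the installed hotfix list, and can optionally apply the disable-service workaround. The function name, parameters and output fields are illustrative; KB5004945 is the only update id taken from this page, and other Windows builds or later cumulative updates carry the fix under different ids, so pass the ones that apply.

```powershell
# Added example: audit one host for the Print Spooler exposure described above.
# Run from an elevated Windows PowerShell session.
[CmdletBinding()]
param(
    # KB named on this page; pass the ids that apply to your Windows builds.
    [string[]]$KbIds = @('KB5004945'),
    # Apply the disable-spooler workaround when none of the listed KBs is found.
    [switch]$DisableIfUnpatched
)

function Get-SpoolerExposure {
    param([string[]]$KbIds)

    # Win32_Service exposes both the current state and the configured start mode.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"

    # Collect which of the requested KB ids are present in the hotfix list.
    $found = @(Get-HotFix -ErrorAction SilentlyContinue |
        Where-Object { $KbIds -contains $_.HotFixID } |
        Select-Object -ExpandProperty HotFixID)

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        SpoolerState = if ($svc) { $svc.State } else { 'NotInstalled' }
        SpoolerStart = if ($svc) { $svc.StartMode } else { 'n/a' }
        KbFound      = $found -join ','
        # Exposed: the spooler is able to run and none of the listed KBs is present.
        Exposed      = [bool]($svc -and $svc.StartMode -ne 'Disabled' -and $found.Count -eq 0)
    }
}

$result = Get-SpoolerExposure -KbIds $KbIds

if ($result.Exposed -and $DisableIfUnpatched) {
    # Workaround: stop the service and prevent it from starting again.
    # Printing from and through this host stops until the service is re-enabled.
    Stop-Service -Name Spooler -Force
    Set-Service -Name Spooler -StartupType Disabled
    $result = Get-SpoolerExposure -KbIds $KbIds
}

$result
```

A host reported as `Exposed` may still be patched by an update id that was not passed in `-KbIds`, so treat the result as a prompt to check the host's update history rather than a final verdict.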
Remediation steps and patching for all vulnerable Diamond IT Managed Services customers have commenced, and no further action is required at this time.
For any further questions around the recent patching, please contact your Business Technology Manager.
Patching is a term used for describing the process of distributing updates to software, correcting vulnerabilities and improving user experience, performance and security. Patches are written by software vendors to repair bugs and improve stability.
In conjunction with a strong cybersecurity strategy, patching is a crucial tool to keep your systems secure. Without updates, your system will quickly become vulnerable to security threats.
Diamond IT provides regular patch management for our Managed Services customers to ensure your infrastructure is up-to-date and free of bugs and security risks. Our systems also allow us to implement one-off fixes for major security threats when necessary.
If you need advice on how you can ensure your cybersecurity strategy is fit for purpose, or if you'd like more information on Diamond IT's patch management system, our team of cybersecurity experts are ready to help. Contact our team on 1300 307 907 today.