A new unofficial patch has been released for CVE-2021-34527, better known as PrintNightmare. Previously thought to be an extension of CVE-2021-1675, Microsoft has clarified that PrintNightmare actually exploits a different vulnerability within RpcAddPrinterDriverEx(). Microsoft still maintains that CVE-2021-1675 has been remediated through the June 8th, 2021 security update. While Microsoft continues to investigate PrintNightmare, no official patch has been released, but third-party vendor 0patch has released their own “micropatch” for free. 0patch is normally a paid (for enterprise) service that releases targeted “micropatches” to fix vulnerabilities and support older, end of life Windows operating systems. In a blog post introducing their patch, 0patch also mentions that although additional attack vectors have been discovered since the initial release of the PrintNightmare exploit, their patch still defends against currently known exploitations.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased