Ransomware Gangs Try to Exploit ‘PrintNightmare’ Flaws
Endpoint Security
,
Fraud Management & Cybercrime
,
Governance & Risk Management
Meanwhile, Microsoft Has Published an Advisory on Another Zero-Day Bug
Security researchers at Cisco Talos and CrowdStrike are tracking several ransomware gangs that are attempting to exploit a bugs in Microsoft Windows dubbed “PrintNightmare,” which the company has been warning about since June.
See Also: 2021 Unit 42 Ransomware Threat Report
While Microsoft has issued emergency patches for some of the flaws, attackers are still targeting unpatched systems.
Meanwhile, Microsoft published an out-of-band security advisory Wednesday about another zero-day flaw that is part of the class of bugs that make up PrintNightmare, a series of remote code execution vulnerabilities affecting Windows Print Spooler – which enables devices to communicate with printers – as well as other printing features found in various versions of the Windows operating system.
Microsoft has issued an emergency workaround for this flaw but has not yet issued a patch.
PrintNightmare
Despite warnings from Microsoft and other security researchers over the last several months, the unpatched PrintNightmare vulnerabilities continue to cause issues for Windows users. In July, the U.S. Cybersecurity and Infrastructure Security Agency issued a directive for federal agencies to immediately patch the flaws (see: CISA Emergency Directive: Patch ‘PrintNightmare’ Flaw).
In previous alerts, Microsoft noted that these remote code execution vulnerabilities in the Windows Print Spooler and…
