There’s yet another new PrintNightmare hack

Nightmare indeed - so patch now

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

ThePrintNightmare vulnerabilityis living up to its name with anothercybersecurityresearcher exploiting the bug in a privilege escalation attack.

PrintNightmare created havoc when it was accidentally disclosed by Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched byMicrosoft, which pushed the company toput out a new patchto address the remote code exploitation (RCE) vulnerability as well.

Now, Benjamin Delpy, creator of popular post exploitation tool Mimikatz, has found a way to exploit the vulnerability in the Windows Print Spooler to enable any user to gain admin privileges on a vulnerable computer.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

According to reports, Delpy’s workaround takes advantage of the fact that Windows doesn’t prevent Limited users from installing printer drivers. Furthermore, it won’t complain when these drivers are fetched from remote print servers, and will then run them with the System privilege level.

No end to the abuse

After issuing anout-of-band update, Microsoft also included the PrintNightmare patch in itsJuly Patch Tuesday.

Notably, a section of security researchers, including Delpy, hadraised concernsabout the patch arguing that it’s how Microsoft checks for remote libraries in the PrintNightmare patch that offers an opportunity to work around the patch.

In a tweet,Delpy mentionedthat PrintNightmare has taught him “a lot about printer spooler & drivers (even how to build and sign them).”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

He’s put all his learnings into action by demonstrating a proof-of-concept (PoC) that downloads a rogue driver that misuses the latitude it’s given by Windows to eventually fire up a system prompt even for a user with a limited access account.

Speaking toBleeping Computer, Delpy shared that we haven’t seen the last of Windows print spooler abuse, pointing to a couple of upcoming sessions at DefCon and Black Hat conferences that will share new shortcomings and exploits.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Red One isn’t perfect but it proves we need more action-packed Christmas movies