“PrintNightmare” Zero-Day Windows vulnerability

Content

Microsoft recently published patches for a vulnerability in the printer services in Windows. However, this vulnerability has not yet been fully closed so it can still be exploited. The vulnerability allows an attacker to execute code on any Windows computer that has the print spooler service turned on. This is the case with a standard installation.

An attacker with network access can gain system-level access to every Windows computer and server that uses the print spooler service. This vulnerability was rated by the NFIR CERT team with a Common Vulnerability Scoring System (CVSS) of 9.4, which represents a critical vulnerability. To mitigate the vulnerability, two measures can be taken. First, completely disabling the printer spoolers on all systems. If this is not possible, the second way is to change the permissions of the folder that the exploit code uses to ensure that the proof-of-concept code does not work. In any case, it is advised to keep Windows systems up-to-date. Read more about the scope and nature of the vulnerability and how to take effective mitigating vulnerabilities in this publication.

“PrintNightmare” Zero-Day Windows vulnerability

SECURITY INCIDENT BIJ UW ORGANISATIE?

De volgende 30 minuten zijn van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal, omdat een snelle en adequate reactie de schade kan beperken. Daarnaast kan verdere verspreiding van de aanval worden voorkomen en kan essentieel bewijsmateriaal veiliggesteld worden voor nader onderzoek.

Ons Computer Emergency Response Team (CERT) staat 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage.
In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?