WASHINGTON: Homeland Security’s Cybersecurity and Infrastructure Security Agency issued an emergency policy yesterday evening calling on the Pentagon and all other law enforcement agencies to fix a Microsoft Windows vulnerability that could allow attackers to take control of entire networks.

The vulnerability, officially called CVE-2021-34527 and called PrintNightmare by security researchers, affects a Microsoft Windows service called Print Spooler. The print spooler enables printing functions in local networks. CISA’s contingency policy states that PrintNightmare “poses an unacceptable risk … and requires contingency measures” as it allows attackers to gain administrative control of IT systems and execute malicious code remotely.

Microsoft first announced PrintNightmare on July 1, less than a month after security researchers accidentally discovered another bug in the print coil called CVE-2021-1675. The tech giant believed PrintNightmare was a threat to confidentiality, integrity and …


Source link

Leave a Reply