Microsoft Corporation, Microsoft Windows, Computer, Windows 10, Vulnerability All windows systems under PrintNightmare remote execution vulnerability attack #CVE-2021-34527
Actually, i came with some security issue with windows security issue, actually it’s a really critical and microsoft itself announced. That is a very critical, so we have to secure ourselves most of the people using the windows laptops only and the windows servers and it doesn’t matter which version we are using. Even it is a 7 8 or windows 10 or server 2016. 2018, 2019 doesn’t matter. Wherever the service installed prints holder by default, it will install while installing the windows so it’s not impacted. Today, uh microsoft announced that this uh novelty is impacted for all the servers, so they given the current solution for this, and you know, it’s, going to be release a patch for this in july 12th. They are using the windows in windows environment, so they are impacted. So now we have the option to protect ourselves like disable the service print. But is it difficult to say because most of the businesses they are using the windows server to print their invoices and the documents? So if we disable, we are able, we are not able to print any of uh documents laptop or a pc to the printer. Then we can print it it’s locally. We can print it when when we disable the service, we won’t be able to print anything. So for this case, the given uh one workaround solution here i’ll show you that how we have to do that and uh what current solution is called.
Like you know, honorable t, which is released by the microsoft. It is saying that cbe2021 3454527 is a security vulnerability. It is released on until it is released on the past july, but it’s updated on the today so uh. Actually, the summary, which is called microsoft, aware that investigation and the remote code, execution, vulnerability and effects windows print spooler has assigned the this vulnerability. This is evaluating the situation and i will update the cv as more information as possible like that in the specified – and you know, but this is actually a windows. Microsoft, given a workflow installation work around solution means is actually not like a full fledged solution. It’S a temporary to protect ourselves and windows. Given a solution like you know, work around, we need to run this into the windows server cmd, and this is a simple command. We have the gate, service, namespooler and option. One is uh, see. Actually, we they given the two workaround solution. One is the disabled polar service which we can do from the windows service as well as we can use the command level, the command level. We call it uh, simple step. Like you know, we have to use the stop service name. Spooler, pos, ipam post means it’s a possibly. We can stop this service and mean time if you not really comfort with this command level, simply go to the services from there. You can find the print spoiler service there. You can set it on and now the second one, like you know, disabling the inbound, remote printing through the group policy.
This policy also windows. We can set it like. You know, uh, you need not to disable the service. Just we go to the uh reject registry editor. There you can put this command setup based on this policy, what it will do, uh still you can able to print the documents and the print and things, and just we need to set these policies and what we will do. We will disable this. Allow the print spooler accept client connections, so it will block the remote attacks and still you can able to connect the local printers directly with the cable. So these are two solutions provided by the microsoft and the same thing. We can do it level, like you know, uh, service, level, service level means simply no need to simply go here and click on to the services. The services you can find the printer and the scroller same the command which is given, that is a man from the command level, and if you are not really comfort with this command level, just go to the services there. You can find the print scroller here properties and here already disabled. So just you go and disable it and stop the service and apply and okay, then you are secure. Actually, you have to protect yourself and as well as your community, because most of the people are using the windows service. We are using this window, they are impacted, so it will cause to uh impact to others, because it will spread to the other pieces as well.
When we are using because the attackers they are well intelligent, so they simply uh track and they can able to grab everything whatever in the pc, so it’s, a very simple injection, so please protect yourself by disabling the service or disable your internet.