Microsoft today released patches for CVE-2021-34527, the vulnerability also known as “printnightmare”. Patches are currently available for these versions of Windows:
- Windows 10 Version 21H1 (32-bit, x64, ARM64)
- Windows 10 Version 2004 (32-bit, x64, ARM64)
- Windows 10 Version 1909 (32-bit, x64, ARM64)
- Windows 10 Version 1809 (32-bit, x64, ARM64)
- Windows 10 (32-bit and x64)
- Windows RT 8.1
- Windows 8.1 (32-bit and x64)
- Windows 7 SP1 (32-bit and x64)
- Windows Server, version 20H2 (ARM, 32-bit, x64, Server Core)
- Windows Server, version 2004 (ARM, 32-bit, x64, Server Core)
- Windows Server 2019 (including Server Core)
- Windows Server 2012 R2 (including Server Core)
- Windows Server 2008 R2 SP1 and SP2
Patches for other versions will follow shortly. Please apply them as soon as they are released. This will affect Windows 10 version 1607, Windows Server 2016, and Windows Server 2012.
Applying the update will also patch the older CVE-2021-1675 vulnerability.
For details, see Microsoft’s updated advisory:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
—
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
