Microsoft Releases Patches for CVE-2021-34527, (Wed, Jul 7th)

Microsoft today released patches for CVE-2021-34527, the vulnerability also known as “printnightmare”. Patches are currently available for these versions of Windows:

  • Windows 10 Version 21H1 (32-bit, x64, ARM64)
  • Windows 10 Version 2004 (32-bit, x64, ARM64)
  • Windows 10 Version 1909  (32-bit, x64, ARM64)
  • Windows 10 Version 1809  (32-bit, x64, ARM64)
  • Windows 10 (32-bit and x64)
  • Windows RT 8.1
  • Windows 8.1 (32-bit and x64)
  • Windows 7 SP1 (32-bit and x64)
  • Windows Server, version 20H2 (ARM, 32-bit, x64, Server Core)
  • Windows Server, version 2004 (ARM, 32-bit, x64, Server Core)
  • Windows Server 2019 (including Server Core)
  • Windows Server 2012 R2 (including Server Core)
  • Windows Server 2008 R2 SP1 and SP2

Patches for other versions will follow shortly. Please apply them as soon as they are released. This will affect  Windows 10 version 1607, Windows Server 2016, and Windows Server 2012.

Applying the update will also patch the older CVE-2021-1675 vulnerability.

For details, see Microsoft’s updated advisory:

Johannes B. Ullrich, Ph.D. , Dean of Research,

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.