A critical severity vulnerability affecting the Windows Print Spooler Service, dubbed “PrintNightmare”, was treated with emergency patches by Microsoft. The vulnerability, initially believed to allow for escalation of privileges, was later discovered to also allow for remote code execution (RCE) attacks. If combined successfully, the vulnerabilities could allow for complete access to an organization’s infrastructure. Obstacles to fixing the issue were compounded by the accidental public exposure by researchers of a working proof of concept (PoC) for the exploit, which was reportedly cloned before it was removed. This event highlights the crucial role organizations such as Microsoft play in rapid remediation and the importance for researchers and defenders alike to remain diligent when developing PoCs.
Digital Shadows
Threat Intelligence and Digital Risk Protection Resources
