PenTera Vs. The PrintNightmare Bug

The PrintNightmare vulnerability has been affecting Windows users for months. Despite multiple attempts at patches, problems are still persisting. Understandably, the debacle has concerned the cyber community.

What is PrintNightmare?

PrintNightmare is a vulnerability that affects the Microsoft Windows Print Spooler Service. The ‘Print Spooler’ is enabled by default in all Windows clients and servers. The service manages print jobs by loading printer drivers, receiving print files, queuing/ scheduling them, and more.

The printing issue came about in June as a result of the Windows ‘KB5004945’ updates which affects virtually all versions of Windows systems. Microsoft is now urging people to uninstall the update as soon as possible.

The vulnerability has become a primary target for ransomware groups, as it allows them to gain total control over an affected system. All they need to do is is find a compromised workstation to gain access to the whole network. By abusing system privileges, they can install programs; view, alter, or delete data; or create new accounts with full user rights.

In July, Microsoft released an emergency patch to address the vulnerability but it was subsequently bypassed. The patch only addressed the RCE component, which meant that an attacker could still escalate regular user privileges to gain system-level privileges.

How PenTera can help

PenTera is a fully automated platform that requires no prior knowledge of the IT environment in question. The solution can see what nobody else can, providing instant discovery and exposure validation across the entire IT infrastructure.

With the latest version of PenTera v4.5.5, the PrintNightmare vulnerability can now be identified. What’s more, it exposes, exploits, prioritises and remediates PrintNightmare, as well as pinpointing all the possible attack paths a hacker may take to compromise your organisation.

PenTera is the only Penetration Testing tool that can do all of this automatically, without any agent, with a completely safe-by-design approach. Thanks to constant updates, it protects against the most up to date threats and attacker techniques.

Ready to adopt a more proactive approach to your cybersecurity?

Join us at our ransomware event on the 3rd and 4th of November to get the lowdown on how to protect your organisation against attacks and exploited vulnerabilities.

Let’s talk about cybersecurity in the NHS

In the last few years alone, the healthcare industry has benefited from a vast array of new technologies. With this digital evolution comes countless opportunities for advancement, from the development of medical equipment to improved care provision. However, great...

CyCognito: The Importance of Protecting your Entire IT Ecosystem

Picture the scene. You’re about to go on holiday and you’re getting ready to set off. The bags have been packed, the house has been cleaned, and your valuables have been safely stored away. All that’s left to do is lock the front door, hop in the taxi, and head to the...

Partners

Share This