Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges. The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM...
Read More
Description:It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to dataconfidentiality and integrity as well as system availability. Impact:The vulnerability enables an unprivileged local...
Read More
Description:A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change or delete data;or create new accounts with full user rights.An attack must involve an authenticated user calling RpcAddPrinterDriverEx(). Impact:This remote code execution (RCE) CVE-2021-34527 impacts all versions...
Read More
