fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft: PrintNightmare Security Updates Work, Start Patching!

Microsoft: PrintNightmare Security Updates Work, Start Patching!

Microsoft says the emergency security updates released at the start of the week correctly patch the PrintNightmare Print Spooler vulnerability for all supported Windows versions and urges users to start applying the updates as soon as possible.

This clarified guidance comes after security researchers tagged the patches as incomplete after finding that the OOB security updates could be bypassed in specific scenarios.

“Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare,” the Microsoft Security Response Center explains.

“All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.”

Clarified PrintNightmare guidance

Microsoft has updated the PrintNightmare patch guidance and is now encouraging customers to update as soon as possible.

These are the correct steps required to patch this critical Windows Print Spooler RCE vulnerability as shared by Microsoft:

  • In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings
  • After applying the security update, review the registry settings documented in the CVE-2021-34527 advisory
  • If the registry keys documented do not exist, no further action is required
  • If the registry keys documented exist, in order to secure your system, you must confirm that the following registry keys are set to 0 (zero) or are not present:
    • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
    • NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
    • UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Additional information and further guidance are available in the KB5005010 support document and the CVE-2021-34527 security advisory.

Also Read: How to Choose a Penetration Testing Vendor

How to install the PrintNightmare security updates

You can find detailed steps on how to install these emergency security updates in the support documents linked below:

If you cannot immediately install the security updates on your system(s), you can disable the Windows Print Spooler service to mitigate the PrintNightmare vulnerability temporarily.

Thursday night, Microsoft has also issued an emergency fix to address printing issues affecting Zebra and Dymo receipt or label printers due to changes introduced in the June 2021 cumulative update preview with the recently released KB5003690, KB5004760, and KB5004945 updates.

Also Read: The 5 Phases of Penetration Testing You Should Know

This fix is being rolled out via Microsoft’s Known Issue Rollback (KIR) feature, which pushes fixes for known issues through Windows Update and should reach most impacted systems within 24 hours (restarting the computer may also speed up the process.)

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us