fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft PrintNightmare Hack Gives Any Windows User Admin Privileges to a PC—How to Fix

Microsoft PrintNightmare Hack Gives Any Windows User Admin Privileges to a PC—How to Fix

(Photo : by NOEL CELIS/AFP via Getty Images)

The Microsoft logo is seen at its local headquarters in Beijing on July 20, 2021, the day after the US accused Beijing of carrying out cyber attack on Microsoft and charged four Chinese nationals over “malicious” hack in March.

The Microsoft PrintNightmare security vulnerability has been bringing numerous problems to Windows users. And now, another flaw has been discovered.

As per Bleeping Computer, in June, a security researcher disclosed a vulnerability on Windows that goes by the name PrintNightmare or CVE-2021-34527. Back then, it provided remote code execution, along with the elevation of privileges on the Microsoft operating system.

Even as Microsoft attempted to fix the PrintNightmare security flaw with an updated patch, it still failed to stop the potential exploitation of hackers.

Researchers quickly figured out a way to bypass the recently rolled out fix. Thus, making the update useless.

Microsoft PrintNightmare Hack and Windows Admin Privileges

This time around, the PrintNightmare still carries alarming vulnerabilities, according to a recent study concerning it.

To be precise, a security researcher, who is also a Mimikatz creator, Benjamin Delpy, found a hack to allow anyone to have an admin privilege in a PC.

It is to note that Delpy still continues to study the PrintNightmare, wherein he still constantly shares bypasses to exploit the remote printer driver.

Also Read: Protecting Data Online in the New Normal

Microsoft PrintNightmare Hack: How it Works

Delpy was able to gain complete access to a PC by setting up the remote printer server at \\printnightmare[.]gentilkiwi[.]com, a website that allows users to download a hacked version of the driver.

Asu such, upon installing the hack, a person with an account that only has limited access could instantly get an admin privilege that can completely access a PC. That said, a corporate user can go on to control the PCs of other people.

It is to note that BleepingComputer tested the hack themselves and found the hack working as the security researcher said it does.

Microsoft PrintNightmare Hack: How to Stop

Now that it has been established that the remote printer server definitely allows any user to have admin access, Delpy also gave solutions to prevent such incidents from happening to other folks out there.

To make things easier, CERT outlined the quick fix in their advisory. And to cut to the chase, here is one of them.

One way of combating the exploit involves the disabling of the Windows print spooler. It is to note that this method prevents all of the vulnerabilities that the PrintNighmare carries.

Also Read: The Top 4 W’s of Ethical Hacking

Start by opening the Command Prompt by clicking the Windows key on your keyboard and the X key simultaneously. Then, upon opening the program, enter this:

Stop-Service -Name Spooler -Force

Set-Service -Name Spooler -StartupType Disabled

However, applying this command will disable the remote printing service on your PC.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us