fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft Pushes Emergency Update for Windows PrintNightmare Zero-day

https://open.spotify.com/show/3Gmj15x6cGrgJEzmGnDTTj

Microsoft Pushes Emergency Update for Windows PrintNightmare Zero-day

Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. However, the patch is incomplete and the vulnerability can still be locally exploited to gain SYSTEM privileges.

The remote code execution bug (tracked as CVE-2021-34527) allows attackers to take over affected servers via remote code execution (RCE) with SYSTEM privileges, as it will enable them to install programs, view, change, or delete data, and create new accounts with full user rights.

Detailed instructions on how to install these out-of-band security updates for your operating system, are available in the support documents linked below:

Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft.

“Release notes associated with these updates might publish with a delay of up to an hour after the updates are available for download,” Microsoft said.

“Updates for the remaining affected supported versions of Windows will be released in the coming days.”

Also Read: PDPA Compliance Singapore: 10 Areas to Work On

PrintNightmware OOB security update

Patch only fixes remote exploitation

The PrintNightmare vulnerability includes both a remote code execution (RCE) and a local privilege escalation (LPE) vector that can be used in attacks to run commands with SYSTEM privileges on a vulnerable system.

After Microsoft released the out-of-band update, security researcher Matthew Hickey verified that the patch only fixes the RCE and not the LPE component.

https://twitter.com/hackerfantastic/status/1412529895788486657?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1412529895788486657%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-pushes-emergency-update-for-windows-printnightmare-zero-day%2F

This means that the fix is incomplete and threat actors and malware can still locally exploit the vulnerability to gain SYSTEM privileges.

Mitigation also available

Microsoft urges customers to install these out-of-band security updates immediately to address the PrintNightmare vulnerability.

Those who cannot install these updates as soon as possible should check out the FAQ and Workaround sections in the CVE-2021-34527 security advisory for info on how to protect their systems from attacks exploiting this vulnerability.

The available mitigation options include disabling the Print Spooler service to remove printing capability locally and remotely or disabling inbound remote printing through Group Policy to remove remote attack vector by blocking inbound remote printing operations.

In the second case, Microsoft says that “the system will no longer function as a print server, but local printing to a directly attached device will still be possible.”

Also Read: What Does a Data Protection Officer Do? 5 Main Things

CISA has also published a notification on the PrintNightmare zero-day last week encouraging admins to disable the Windows Print Spooler service on servers not used for printing.

Update 7/6/21: Added information about the incomplete fix.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us