Microsoft's incomplete PrintNightmare patch fails to fix vulnerability Researchers have bypassed Microsoft's emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed. for more info go here https://www.bleepingcomputer.com/news/microsoft/microsofts-incomplete-printnightmare-patch-fails-to-fix-vulnerability/ https://www.techradar.com/news/microsofts-emergency-printnightmare-patch-doesnt-actually-fix-the-issue-at-all
From my understanding the MS patch only addressed the RPC/LRPC but left the LPE unchanged. Hence why it could still be exploited if the attacker had local access.
I may be wrong, but from what I've seen, the MS Patches for legacy OS such as Win 7 is only available for those who have an active subscription in the ESU Program. Disabling the spooler service my be the only option for the time being until its sorted out.
Also, if you've applied the Opatch see below before running MS Patch
"If you're using 0patch against PrintNightmare, DO NOT apply the July 6 Windows Update! Not only does it not fix the local attack vector but it also doesn't fix the remote vector. However, it changes localspl.dll, which makes our patches that DO fix the problem stop applying," tweeted the 0Patch service.
Its amazing that OPatch can provide a fix that works yet Microsoft doesn't, just a not even half-baked attempt at it.
SA
Hi Hugh thinks for the URL fix. Like you said every one computers are not the same. Tried to fix the link ran out of time.. Hugh Take care Thanks...
Just a quick but that Bleeping link did not get to page but to apapocgy page from Bleeping C. However this may be a link there to the "real" page.
Maybe that's why my newish HP Computer booted up from overnight shutdown to a HP START Page not seen before but offering me a range of actions to fix my reaching this page but no indcation which I should choose so I told it to what it usually did and it did .... I took some screenshots with my phone and may post for help if I can get the pics onto my PC!
I think it was the HP equivalent to hammering F2 or F9 during bootup?