Microsoft’s emergency PrintNightmare patch doesn’t actually fix the issue at all

Microsoft is aiming to verify the claims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers had expressed doubts about the efficacy ofMicrosoft’s recent PrintNightmare patch soon after it was released, and now there are reports of new proof-of-exploit code that circumvents the fix altogether.

PrintNightmare created havoc when it wasaccidentally disclosedby Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched by Microsoft, which pushed the company toput out a new patchto address the remote code exploitation (RCE) vulnerability as well.

While security expertKevin Beaumont believedthe new patch didn’t plug the local privilege escalation (LPE) vulnerability in certain editions of Windows such asWindows Server 2012 R2, anew videoby another researcher now demonstrates that both RCE and LPE vulnerabilities are still exploitable.

Patch the patch

Patch the patch

Reporting on the findings of Benjamin Delpy, creator of popular post exploitation tool Mimikatz,The Registersaysthat it’s how Microsoft checks for remote libraries in the PrintNightmare patch that offers an opportunity to work around the patch.

“They did not test it for real,” Delpy bluntly toldThe Register, reportedly describing the issue as “weird from Microsoft.”

Microsoft however insists that while they are aware of the claims of the security researchers, and are testing them, they aren’t aware of any bypasses, avoiding answeringThe Register’squestions related to Delpy’s finding.

“If our investigation identifies additional issues, we will take action as needed to help protect customers,” a Microsoft spokesperson toldThe Register.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Nokia confirms data breach leaked third-party code, but its data is safe

Best CDN provider of 2024

Black Friday is here: Sony XM5 over-ears drop to their lowest-seen price – act fast!