Testing PrintNightmare Spooler Disable mitigation
| 2 Votes |
Description
PrintNightmare, Critical Windows Print Spooler Vulnerability | CISA
Property Details
| 26860 | |
| Alpha - Code that was just developed | |
| Testing PrintNightmare Spooler Disable mitigation | |
| BESC | |
| Internal | |
| 7/1/2021 12:00:00 AM | |
| test vulnerability spooler print printnightmare | |
| brolly33 on 7/1/2021 12:34:20 PM | |
| brolly33 on 7/1/2021 12:34:20 PM | |
| 4192 Views / 43 Downloads | |
* Average over 1 rating.
** Log In or Register to add your rating.
|
Relevance
isWindows (Relevance 1172)
windows of operating system
| Used in 1 fixlet | * Results in a true/false |
product type of operating system != nt workstation product type /*optionally avoids desktops*/
| Used in 1 fixlet | * Results in a true/false |
exists services "spooler" whose (state of it = "Running" OR start type of it != "disabled")
Actions
Action 1 (default)
Action Link Click
here to deploy this action.
Script Type
BigFix Action Script
wait sc.exe stop spooler
wait sc.exe config spooler start= disabled
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.
Action 2
Action Link Click
here to see more information.
Script Type
URL
https://us-cert.cisa.gov/ncas/current-activity/2021/06/30/printnightmare-critical-windows-print-spooler-vulnerability
Sharing
| Social Media: |
Comments
 |
|
| The current fixlets don't apply to all OS (like Server 2016) and don't correct the Credential Elevation issues. MS basically released beta-level partial fixes. | |
 |
|
| Note - If you are looking for PrintNightmare, MS has released patches and Fixlets are available in regular Patch Fixlet sites. | |
