Hot Potatoes: Microsoft quickly fixed the recent "PrintNightmare" vulnerability, pushing the fix as a mandatory security update for multiple versions of Windows. Although the patch strengthens protection by requiring administrator credentials when installing unsigned printer drivers on print servers, a security researcher and developer has bypassed Microsoft's check for remote libraries in a Windows DLL and was able to exploit a fully patched server.
PrintNightmare allows a remote attacker to exploit a vulnerability in the Windows Print Spooler service and execute arbitrary commands with elevated privileges. Microsoft quickly fixed the critical vulnerability, which is found in all versions of Windows, with an out-of-band security update. The researcher's post below describes how a fully patched server can still be rendered vulnerable to PrintNightmare:

"Dealing with strings and filenames is tricky. New functionality in #mimikatz to normalize filenames (bypassing checks with UNC instead of \\server\subscription format). So RCE (and LPE) with #printnightmare on a fully patched server, with Point & Print enabled > https://t.co/Wzb5GAfWfd pic.twitter.com/HTDf004N7r"
The researcher states that he bypassed Microsoft's latest patch to exploit PrintNightmare.