Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
&color=blue)
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.
In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (Note: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):
Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.
UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates.
Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.
- http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html
- https://github.com/0housefly0/Printnightmare
- https://github.com/0x6d69636b/windows_hardening
- https://github.com/0x727/usefull-elevation-of-privilege
- https://github.com/0x7n6/OSCP
- https://github.com/0xMarcio/cve
- https://github.com/0xSs0rZ/Windows_Exploit
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xaniketB/HackTheBox-Driver
- https://github.com/0xirison/PrintNightmare-Patcher
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/3gstudent/Invoke-BuildAnonymousSMBServer
- https://github.com/5thphlame/OSCP-NOTES-ACTIVE-DIRECTORY-1
- https://github.com/61106960/ClipySharpPack
- https://github.com/AMatheusFeitosaM/OSCP-Cheat
- https://github.com/ANON-D46KPH4TOM/Active-Directory-Exploitation-Cheat-Sheets
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AUSK1LL9/CVE-2021-34527
- https://github.com/Abhijeet-Khanzode/TASK3
- https://github.com/AbishekPonmudi/Chronicle
- https://github.com/AbishekPonmudi/Chronicle-notes
- https://github.com/Abr-ahamis/Priv-Esc
- https://github.com/AdamAmicro/CAHard
- https://github.com/AdamPumphrey/PowerShell
- https://github.com/Ais1on/cyeg-rag
- https://github.com/AleHelp/Windows-Pentesting-cheatsheet
- https://github.com/Alfesito/windows_hardening
- https://github.com/Alssi-consulting/HardeningKitty
- https://github.com/Aman12-security/Vulnerability-Scanning-Task-Solution
- https://github.com/Amar224/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/Amaranese/CVE-2021-34527
- https://github.com/AndreLlorente/NVD_CVE_EXTRACTOR
- https://github.com/Andromeda254/cve
- https://github.com/AnisseHounaoui/pentesting-tools
- https://github.com/Ansuman2004/Basic_Vulnerability_Scan
- https://github.com/Antix28/cybersecurity-labs-log
- https://github.com/Ascotbe/Kernelhub
- https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/Austin-Src/CVE-Checker
- https://github.com/BADR0b0t33/NSFW-Malware
- https://github.com/BADR0b0t33/PrintAttck
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/BeetleChunks/SpoolSploit
- https://github.com/Bharathkasyap/programmatic-vulnerability-remediations-Bharath
- https://github.com/BobNich/answers-sec
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CanaanGM/cap_ze_flag
- https://github.com/Challengers-win/Sec-Interview-ai
- https://github.com/Chuggelfischli/HardeningKitty
- https://github.com/CnOxx1/CVE-2021-34527-1675
- https://github.com/Code-is-hope/CVE-Reporter
- https://github.com/Cruxer8Mech/Idk
- https://github.com/CyberUltron-Nikhil/WAF-Copilot
- https://github.com/Cyberappy/Sigma-rules
- https://github.com/CybermonkX/COMPREHENSIVE-CYBERSECURITY-ATTACK-AND-DEFENSE-SIMULATION
- https://github.com/DARKSTUFF-LAB/SpoolSploit
- https://github.com/DanielBodnar/awesome-stars
- https://github.com/DanielBodnar/my-awesome-stars
- https://github.com/Deletria/consulting-vulnerability-database-lab
- https://github.com/DenizSe/CVE-2021-34527
- https://github.com/EnriqueSanchezdelVillar/NotesHck
- https://github.com/Eutectico/Printnightmare
- https://github.com/Faizan-Khanx/OSCP
- https://github.com/GhostTroops/TOP
- https://github.com/GlacierGossip/PrintNightmare
- https://github.com/Gokul-C/CIS-Hardening-Windows-L1
- https://github.com/Gyarbij/xknow_infosec
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/H4niz/oscp-note
- https://github.com/HackingCost/AD_Pentest
- https://github.com/Hatcat123/my_stars
- https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784
- https://github.com/INIT6Source/Hacker-Arsenal-Toolkit
- https://github.com/In3x0rabl3/OSEP
- https://github.com/Iveco/xknow_infosec
- https://github.com/JERRY123S/all-poc
- https://github.com/JFR-C/Windows-Penetration-Testing
- https://github.com/Jalexander798/JA_Tools-ActiveDirectory-Exploitation
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/JohnHammond/CVE-2021-34527
- https://github.com/KevinHalston/PWN-CTF-2022
- https://github.com/KevinHalston/Pico-CTF-2022
- https://github.com/Kiosec/Windows-Exploitation
- https://github.com/LaresLLC/CVE-2021-1675
- https://github.com/LeonardKachi/CompTIA-Security-plus
- https://github.com/LuckyLukeZz/hardeningkitty
- https://github.com/Luekrit/Threat-Hunting-at-Australian-University-s-Incidents
- https://github.com/Ly0nt4r/OSCP
- https://github.com/MGamalCYSEC/Active-Directory-Enumeration-and-Attacks
- https://github.com/MahmoudTaleb55/picoCTF-reports
- https://github.com/Mark272kira/-Vulnerability-Scan-using-Nessus-Essentials
- https://github.com/Mehedi-Babu/active_directory_chtsht
- https://github.com/MinoTauro2020/ActiveDirectory-_tips
- https://github.com/MizaruIT/PENTAD-TOOLKIT
- https://github.com/MizaruIT/PENTADAY_TOOLKIT
- https://github.com/Mohit0/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/MrP-cpu/ThreatSight
- https://github.com/Msfv3n0m/SteamRoller
- https://github.com/Msfv3n0m/SteamRoller3
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Otsmane-Ahmed/Understanding-Advanced-Persistent-Threats-APTs-
- https://github.com/PelinsonLucas/TrabalhoGB_2_Seguranca_app
- https://github.com/Perucy/vulngpt
- https://github.com/PhantomMist271/cybersecurity-task-3-vulnerability-scan
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/RNBBarrett/CrewAI-examples
- https://github.com/RafaelwDuarte/Trabalho_Grau_B
- https://github.com/RaphaelDG/PrintNightmareCPP
- https://github.com/RaphaelKhoury/EPSS-Score-Extractor
- https://github.com/ReflectedThanatos/OSCP-cheatsheet
- https://github.com/Rootskery/Ethical-Hacking
- https://github.com/Royalboy2000/codeRDPbreaker
- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/S3cur3Th1sSh1t/PowerSharpPack
- https://github.com/S3cur3Th1sSh1t/WinPwn
- https://github.com/S61CUK29/network-scanner
- https://github.com/SSBhaumik/Printnightmare-safetool
- https://github.com/SYRTI/POC_to_review
- https://github.com/Saifcy/Documation-IR
- https://github.com/Samuel-Adeola/Nmap-Commands
- https://github.com/SantoriuHen/NotesHck
- https://github.com/SarfiHabibova/CVE-Scraper
- https://github.com/SatenderKumar3024/CompTIA-Security-SY0-701-Exam-Repository-with-Exam-notes-and-Test-based-real
- https://github.com/SecuProject/NetworkInfoGather
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SexurityAnalyst/WinPwn
- https://github.com/Shadowven/Vulnerability_Reproduction
- https://github.com/SirElmard/ethical_hacking
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/SploitHQ/searchsploit
- https://github.com/SystemJargon/info-sec
- https://github.com/SystemJargon/infosec-windows-2022
- https://github.com/T0mcat3r/ALinks
- https://github.com/TheJoyOfHacking/cube0x0-CVE-2021-1675
- https://github.com/Threekiii/Awesome-Redteam
- https://github.com/TieuLong21Prosper/detect_bruteforce
- https://github.com/Tomparte/PrintNightmare
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/TypeError/elf
- https://github.com/VK9D/PrintNightmare
- https://github.com/Vertrauensstellung/PoshME
- https://github.com/ViniciusClement/OSCP_2025
- https://github.com/VishuGahlyan/OSCP
- https://github.com/Vluthor/Threat-Detection-SOC-Analysis
- https://github.com/VoiidByte/Impacket
- https://github.com/WatPow/anadoc
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation
- https://github.com/WiredPulse/Invoke-PrinterNightmareResponse
- https://github.com/Wong-Kai-Xian/CVE_Threat_Intelligence_Toolkit
- https://github.com/X-3306/my-all-notes
- https://github.com/YALOKGARua/YALOK-Programming-Language
- https://github.com/YoussDK0/pentest-ad-tool2
- https://github.com/Zamanry/OSCP_Cheatsheet
- https://github.com/ZeroCipherX/AttackBot
- https://github.com/Zeyad-Azima/Remedy4me
- https://github.com/abdullah89255/nuclei-examples-with-detailed-explanations
- https://github.com/adnan-kutay-yuksel/tryhackme-all-rooms-database
- https://github.com/adrianc68/cyber-security-concepts
- https://github.com/ahmed22-glitch/Understanding-Advanced-Persistent-Threats-APTs-
- https://github.com/akyuksel/tryhackme-all-rooms-database
- https://github.com/alvesnet-oficial/microsoft-vulnerabilidades
- https://github.com/alvesnet-suporte/microsoft-vulnerabilidades
- https://github.com/angui0O/Awesome-Redteam
- https://github.com/appatalks/ghes-cve-check
- https://github.com/auduongxuan/CVE-2022-26809
- https://github.com/aymankhder/AD-esploitation-cheatsheet
- https://github.com/aymankhder/Windows-Penetration-Testing
- https://github.com/b4rtik/SharpKatz
- https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform
- https://github.com/bhaveshpa-icpl/Hardening-windows
- https://github.com/boh/RedCsharp
- https://github.com/brimstone/stars
- https://github.com/brock-infosec/Hacker-Tools-Resources
- https://github.com/byt3bl33d3r/ItWasAllADream
- https://github.com/c04ch1337/metasploit_docker
- https://github.com/carloslacasa/cyber-ansible
- https://github.com/cfalta/MicrosoftWontFixList
- https://github.com/chdav/offensive-cybersec-toolkit
- https://github.com/clearbluejar/cve-markdown-charts
- https://github.com/corelight/CVE-2021-1675
- https://github.com/crimsoncore/SharpKatz
- https://github.com/crtaylor315/PrintNightmare-Before-Halloween
- https://github.com/cube0x0/CVE-2021-1675
- https://github.com/cyb3rpeace/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/cyb3rpeace/CVE-2021-34527
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/d0nkeyk0ng787/PrintNightmare-POC
- https://github.com/d0rb/CVE-2021-34527
- https://github.com/danielbodnar/my-awesome-stars
- https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/dvirItcher/433project
- https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC
- https://github.com/e-hakson/OSCP
- https://github.com/edsonjt81/CVE-2021-1675
- https://github.com/edsonjt81/SpoolSploit
- https://github.com/elinakrmova/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/elinakrmova/WinPwn
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emtee40/win-pwn
- https://github.com/eng-amarante/CyberSecurity
- https://github.com/evilashz/CVE-2021-1675-LPE-EXP
- https://github.com/exfilt/CheatSheet
- https://github.com/fardinbarashi/Fix-CVE-2021-34527
- https://github.com/fardinbarashi/PsFix-CVE-2021-34527
- https://github.com/fazilbaig1/oscp
- https://github.com/floridop/serviceflipper
- https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527
- https://github.com/gautam0786/Cybersecurity-Intern-task-3
- https://github.com/gdrlab/PrintNightmare
- https://github.com/gecr07/HTB-Academy
- https://github.com/geekbrett/CVE-2021-34527-PrintNightmare-Workaround
- https://github.com/getanehAl/Windows-Penetration-Testing
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/glorisonlai/printnightmare
- https://github.com/glshnu/PrintNightmare
- https://github.com/goelmedha1/SecurityLens-CVEFinder-AI-Chatbot
- https://github.com/gregt114/cryptid564
- https://github.com/hack-parthsharma/WinPwn
- https://github.com/hackerhouse-opensource/cve-2021-34527
- https://github.com/hackerhouse-opensource/hackerhouse-opensource
- https://github.com/hacktheworldlive/exploits-guide
- https://github.com/harikrishhnan/CVE-Data-Retrieval-and-Management-System-
- https://github.com/hkochgavey/NVD_CVE_Project
- https://github.com/hktalent/TOP
- https://github.com/hlldz/CVE-2021-1675-LPE
- https://github.com/iamramahibrah/AD-Attacks-and-Defend
- https://github.com/jbmihoub/all-poc
- https://github.com/jcabrale/Windows_hardening
- https://github.com/jenilv-07/HardeningKitty
- https://github.com/jitmondal1/OSCP
- https://github.com/jjasoncool/hardeningkitty_custom
- https://github.com/jordanf17/PenTest-Report
- https://github.com/k0imet/CVE-POCs
- https://github.com/k8gege/Ladon
- https://github.com/karimhabush/cyberowl
- https://github.com/kayo09/ForMistakeLearning
- https://github.com/kdandy/WinPwn
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khulnasoft-lab/awesome-security
- https://github.com/khulnasoft-labs/awesome-security
- https://github.com/kptm-tools/kptm-docs
- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/ly4k/PrintNightmare
- https://github.com/m8sec/CVE-2021-34527
- https://github.com/mahdictf/PrivEsc-Techniques
- https://github.com/malwaremily/infosec-news-briefs
- https://github.com/mayormaier/printnightmare-fixes
- https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack
- https://github.com/mdecrevoisier/SIGMA-detection-rules
- https://github.com/meltingscales/DragonShard
- https://github.com/merlinepedra/POWERSHARPPACK
- https://github.com/merlinepedra/SpoolSploit
- https://github.com/merlinepedra25/POWERSHARPPACK
- https://github.com/merlinepedra25/SpoolSploit
- https://github.com/mranv/adPentest
- https://github.com/mrlless/mp_pdql_example
- https://github.com/n0-traces/cve_monitor
- https://github.com/nathanealm/PrintNightmare-Exploit
- https://github.com/nehakoyalkar18/vulnerability_scan
- https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527
- https://github.com/netkid123/WinPwn-1
- https://github.com/nholuongut/active-directory-exploitation-cheat-sheet
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nullx3d/PaypScan
- https://github.com/orgTestCodacy11KRepos110MB/repo-9265-PowerSharpPack
- https://github.com/oscpname/AD_PowerSharpPack
- https://github.com/oscpname/OSCP_cheat
- https://github.com/outflanknl/PrintNightmare
- https://github.com/ozergoker/PrintNightmare
- https://github.com/ozzy76/cveCheck
- https://github.com/p0haku/cve_scraper
- https://github.com/parth45/cheatsheet
- https://github.com/penetrarnya-tm/WeaponizeKali.sh
- https://github.com/pentestfunctions/book_contents_notes
- https://github.com/pluja/stars
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/powershellpr0mpt/PrintNightmare-CVE-2021-34527
- https://github.com/prap05/elevatelabs_task03
- https://github.com/pudiish/CVE
- https://github.com/pwninx/WinPwn
- https://github.com/pwnlog/ALinks
- https://github.com/pwnlog/PAD
- https://github.com/pwnlog/PuroAD
- https://github.com/pwnlog/PurpAD
- https://github.com/r1skkam/PrintNightmare
- https://github.com/raithedavion/PrintNightmare
- https://github.com/rajbhx/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/rathor-ak/Task-3-vulnerability-Report-
- https://github.com/rdboboia/disable-RegisterSpoolerRemoteRpcEndPoint
- https://github.com/retr0-13/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/retr0-13/PrintNightmare
- https://github.com/retr0-13/WinPwn
- https://github.com/revanmalang/OSCP
- https://github.com/rodrigosilvaluz/JUST_WALKING_DOG
- https://github.com/romarroca/random-scripts
- https://github.com/rumputliar/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/s3mPr1linux/JUST_WALKING_DOG
- https://github.com/scipag/HardeningKitty
- https://github.com/sh7alward/CVE-20121-34527-nightmare
- https://github.com/shahidshaik786/ActiveDirectory_Attacks_CRTP_OSCP
- https://github.com/skyethedev/HardeningKitty
- https://github.com/slaptat/GroupScripts
- https://github.com/snovvcrash/WeaponizeKali.sh
- https://github.com/soosmile/POC
- https://github.com/spartancyberultron/WAF-Copilot
- https://github.com/sponkmonk/Ladon_english_update
- https://github.com/suman-git74/Vulnerability-Scanner
- https://github.com/swatiagrawal264/SecurityLens_CVE-Finder_AI-Chatbot
- https://github.com/sweetpotatohack/akuma-advanced-scanner
- https://github.com/sweetpotatohack/akuma-lowhanging-scanner
- https://github.com/syntaxbearror/PowerShell-PrintNightmare
- https://github.com/synth3sis/PrintNightmare
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/thangnguyenchien/CVE
- https://github.com/thomas-lauer/PrintNightmare
- https://github.com/threatsurfer/cve-attack-mapper
- https://github.com/tid4l/offensive-cybersec-toolkit
- https://github.com/tim3959951/CVE-Analysis-Agent
- https://github.com/trganda/starrlist
- https://github.com/trhacknon/Pocingit
- https://github.com/txuswashere/OSCP
- https://github.com/tylertank/printspoofer
- https://github.com/uhub/awesome-c-sharp
- https://github.com/undefined-name12/Cheat-Sheet-Active-Directory
- https://github.com/versatilitydev/r2d2_api
- https://github.com/vinaysudheer/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whitfieldsdad/cisa_kev
- https://github.com/whoami-chmod777/CVE-2021-1675-CVE-2021-34527
- https://github.com/willamygarcia/Vuln_Windows_7_11
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/wlfrag/printnightmare
- https://github.com/wowter-code/PowerSharpPack
- https://github.com/x968ms/pentest
- https://github.com/xbufu/PrintNightmareCheck
- https://github.com/xcode96/REDME
- https://github.com/xhref/OSCP
- https://github.com/xtawb/Shadowolf
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/ycdxsb/WindowsPrivilegeEscalation
- https://github.com/yovelo98/OSCP-Cheatsheet
- https://github.com/zecool/cve
- https://github.com/zhanpengliu-tencent/medium-cve