question

IvanMagdolen-4107 avatar image
1 Vote"
IvanMagdolen-4107 asked RitaHu-MSFT commented

PrintNightmare - CVE-2021-34527 - Do latest Cumulative Updates for Win Server 2016/2019 fix this issue ?

Hi,

I would like to ask you if updates:
2021-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5004238)
2021-07 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5004244)

contains also fix for PrintNightmare CVE-2021-34527. Because updates mentioned above are replacing following updates which fix PrintNightmare CVE-2021-34527:
2021-07 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5004948)
2021-07 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5004947)

but in KB articles I didn't find anything about that:
https://support.microsoft.com/help/5004238
https://support.microsoft.com/help/5004947

And when we approve both (KB5004238 & KB5004948; KB5004244 & KB5004947) at the same time the latest one will be installed.
Thank you for your answer.

Kind regards
Ivan

windows-serverwindows-server-update-services
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@IvanMagdolen-4107
Whether the solutions provided by me and LeonLaude are helpful or not? It seems that there are no updates for several day.

Please keep us in touch if you have any questions. Rememer to accept the answer if the issue has been resolved.

Thanks for your understand and cooperation.

Regards,
Rita

0 Votes 0 ·
LeonLaude avatar image
1 Vote"
LeonLaude answered LeonLaude edited

Hi @IvanMagdolen-4107,

The July 13, 2021 cumulative security updates contain all previous security fixes - including the security fix for the print spooler vulnerability (CVE-2021-34527).

Reference:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527


If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!


Best regards,
Leon

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @LeonLaude,
The reason why I am asking is because I didn't find KBs:
KB5004238
KB5004244

even in list which you provided:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Only following KBs related to Windows Server 2016 and Windows Server 2019 are mentioned there:
Windows Server 2016 - KB5004948
Windows Server 2019 - KB5004947

so I am not sure if KB5004238, KB5004244 also fix CVE-2021-34527.
Can you please confirm if these KBs fix PrintNightmare issue ?
Thank you.

Kind regards
Ivan

0 Votes 0 ·

The updates are cumulative which means that newer updates contain all the previous fixes, so the July 13 patches does contain the PrintNightmare vulnerability fix.

0 Votes 0 ·
JamesBertram-4070 avatar image
1 Vote"
JamesBertram-4070 answered

There is a remaining security risk with local execution.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RitaHu-MSFT avatar image
0 Votes"
RitaHu-MSFT answered RitaHu-MSFT commented

@IvanMagdolen-4107
Please review the below pictures and screenshots will be helpful:
116489-4.png

116469-5.png

Thanks for your time and have a nice day:)


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


4.png (38.1 KiB)
5.png (41.6 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I've checked also catalog info before I created this post but I saw in past that updates which superseding another updates didn't contain all fixes. And superseded update should be installed also. So I was just wondering if this is not that case as I didn't find anything which explicitly says that updates KB5004238 and KB5004244 contains also fix for CVE-2021-34527. But as LeonLaude said that this cumulative contains all previous fixes even they are not mentioned in KB I take it as should be fine just install patches release on July 13.
Thank you for your answer.

0 Votes 0 ·

You are welcome. It' my pleasure.

Please try to post on this fourm if you have any other questions next time.

Regards,
Rita

0 Votes 0 ·