question

Vlad99-5086 avatar image
0 Votes"
Vlad99-5086 asked Vlad99-5086 commented

Print Nightmare CVE-2021-34527 is included in Security Update For Exchange Server 2016 CU21 (KB5004779)?

Hi All,


I hope you're well and keeping safe.

I have a question please related to an Exchange Server 2016 which sits on a Windows Server 2016 Datacenter Edition (x64) machine.

I'm trying to apply the patches for Print Nightmare vulnerability CVE-2021-34527 and I couldn't get installed any of the below patches:

July 7, 2021—KB5004948

July 13, 2021—KB5004238

July 29, 2021—KB5005393

August 10, 2021—KB5005043

https://support.microsoft.com/en-gb/topic/august-10-2021-kb5005043-os-build-14393-4583-709d481e-b02a-4eb9-80d9-75c4b8170240

The error message that I get is that patches are not applicable for the system.

When I use the "Check for updates" feature, there are no missing updates, I have also tried to reset the Windows Update component and that didn't made any difference.

Could you please advise if the Security Update For Exchange Server 2016 CU21 (KB5004779) (CVE-2021-31196) (CVE-2021-31206) (CVE-2021-33768) includes the mitigation for Print Nightmare CVE-2021-34527, I couldn't see that is clearly mentioned that?

Thank you in advance for your help and time.

windows-server-update-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

LeonLaude avatar image
1 Vote"
LeonLaude answered Vlad99-5086 commented

Hi @Vlad99-5086,

As far as I know the Print Nightmare is only included in Windows Server 20XX updates, not in Exchange updates, you can check which updates includes the fix over here:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Can you check which are your recent installed updates to verify if the Print Nightmare (CVE-2021-34527) is included in that update?


If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!


Best regards,
Leon

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @LeonLaude ,


I appreciate your time to respond to this query.

This is what I thought as well, from what I found so far, the Print Nightmare CVE is separate and only mitigated in the patches July 7, 2021—KB5004948, which was superseded by July 13, 2021—KB5004238, superseded by July 29, 2021—KB5005393 and superseded by August 10, 2021—KB5005043.

When checking on the server I cannot see any of those patches installed, just the Security Update For Exchange Server 2016 CU21 (KB5004779), Silverlight, Microsoft .NET Framework 4.8 and Windows Malicious Software Removal Tool x64 - August 2021 (KB890830).

When using check for updates there are no missing patches and as mentioned I have tried to reset Windows Update component a couple of times with different processes / scripts that I found online.

Could you please let me know if you have any other ideas or what should I check next?


Thank you,
Vlad.

0 Votes 0 ·

I would worry more about the updates not being "applicable", this can be due to a few different reasons:

  • Update is superseded

  • Update is already installed

  • Wrong update for architecture

  • Missing prerequisite update

I wonder if you're missing the prerequisite, which would be the latest Servicing Stack Update (SSU), the latest one is the following:
https://support.microsoft.com/en-us/topic/kb5001402-servicing-stack-update-for-windows-10-version-1607-april-13-2021-0c0367b8-2389-4154-a17e-6df57123423d

and it can be downloaded from here:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB5001402



0 Votes 0 ·

Hi @LeonLaude ,


Thank you for the reply, this is another strange one, when trying to deploy that SSU patch it's saying it's not applicable either.

This is the OS:
126834-image.png



Do you have any other ideas please?


Thank you,
Vlad.

0 Votes 0 ·
image.png (23.0 KiB)