Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

"The way of the world is to praise dead saints and prosecute live ones." -- Nathaniel Howe

computers / alt.windows7.general / Re: PrintNightmare: Update your PC immediately

SubjectAuthor
* PrintNightmare: Update your PC immediatelyMichael Trew
+* Re: PrintNightmare: Update your PC immediatelyJo-Anne
|+* Re: PrintNightmare: Update your PC immediatelyPaul
||+- Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
||+- Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
||`* Re: PrintNightmare: Update your PC immediatelyStan Brown
|| `* Re: PrintNightmare: Update your PC immediatelyWolffan
||  `- Re: PrintNightmare: Update your PC immediatelyStan Brown
|+* Re: PrintNightmare: Update your PC immediatelyVanguardLH
||`* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|| +* Re: PrintNightmare: Update your PC immediatelyPaul
|| |`- Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
|| +* Re: PrintNightmare: Update your PC immediatelyVanguardLH
|| |`* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|| | `* Re: PrintNightmare: Update your PC immediatelyVanguardLH
|| |  `* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|| |   `- Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
|| `- Re: PrintNightmare: Update your PC immediatelyMayayana
|`* Re: PrintNightmare: Update your PC immediatelyMerle
| `* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|  +- Re: PrintNightmare: Update your PC immediatelyMerle
|  `* Re: PrintNightmare: Update your PC immediatelyPaul
|   +* Re: PrintNightmare: Update your PC immediatelyPeterC
|   |`* Re: PrintNightmare: Update your PC immediatelyPaul
|   | `- Re: PrintNightmare: Update your PC immediatelyPeterC
|   `* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|    `* Re: PrintNightmare: Update your PC immediatelyPaul
|     `- Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
+* Re: PrintNightmare: Update your PC immediatelyMayayana
|+* Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
||+* Re: PrintNightmare: Update your PC immediatelyMayayana
|||`- Re: PrintNightmare: Update your PC immediatelyPaul
||+* Re: PrintNightmare: Update your PC immediatelyStan Brown
|||`* Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
||| `* Re: PrintNightmare: Update your PC immediatelyPaul
|||  `* Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
|||   `- Re: PrintNightmare: Update your PC immediatelyChar Jackson
||`* Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|| `- Re: PrintNightmare: Update your PC immediatelyJava Jive
|`- Re: PrintNightmare: Update your PC immediatelyStan Brown
+* Re: PrintNightmare: Update your PC immediatelyDavid E. Ross
|+* Re: PrintNightmare: Update your PC immediatelyPaul
||`* Re: PrintNightmare: Update your PC immediatelygfretwell
|| `* Re: PrintNightmare: Update your PC immediatelyPaul
||  `* Re: PrintNightmare: Update your PC immediatelygfretwell
||   `- Re: PrintNightmare: Update your PC immediatelyStan Brown
|+* Re: PrintNightmare: Update your PC immediatelyDavid E. Ross
||`* Re: PrintNightmare: Update your PC immediatelyPaul
|| `- Re: PrintNightmare: Update your PC immediatelyJ. P. Gilliver (John)
|`- Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
`* Re: PrintNightmare: Update your PC immediatelySailfish
 `* Re: PrintNightmare: Update your PC immediatelySailfish
  +* Re: PrintNightmare: Update your PC immediatelyStan Brown
  |+- Re: PrintNightmare: Update your PC immediatelySailfish
  |`- Re: PrintNightmare: Update your PC immediatelyFrank Slootweg
  `- Re: PrintNightmare: Update your PC immediatelySailfish

Pages:123
Re: PrintNightmare: Update your PC immediately

<sctmdt$fmu$1@dont-email.me>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=1988&group=alt.windows7.general#1988

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: NIXCAPSsailfish@NIXCAPSunforgettable.com (Sailfish)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: Fri, 16 Jul 2021 21:30:56 -0700
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <sctmdt$fmu$1@dont-email.me>
References: <scivkt$hd4$2@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sat, 17 Jul 2021 04:30:53 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="3ee1e4e5d49544e1f9e27a42486cae1b";
logging-data="16094"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19xNQ4FIYzL0iqnYsX2xJvVzGwdGz22EjE="
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
Cancel-Lock: sha1:SWi/+FN18M/DbRgqyRr6Hukn2Fo=
In-Reply-To: <scivkt$hd4$2@dont-email.me>
 by: Sailfish - Sat, 17 Jul 2021 04:30 UTC

Michael Trew graced us with on 7/12/2021 8:00 PM:
> Microsoft issues urgent security warning: Update your PC immediately
>
> Microsoft is urging Windows users to immediately install an update
> after security researchers found a serious vulnerability in the
> operating system.
>
> The security flaw, known as PrintNightmare, affects the Windows Print
> Spooler service. Researchers at cybersecurity company Sangfor
> accidentally published a how-to guide for exploiting it.
>
REF:
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/

[excerpt quote=\"
Microsoft shares guidance on new Windows Print Spooler vulnerability

"The attack is not really related to PrintNightmare. As you know, PN can
be executed remotely and this is a local only vulnerability," Baines
confirmed to BleepingComputer.
\" /]

--
Sailfish
CDC Covid19 Trends: https://www.facebook.com/groups/624208354841034
Rare Mozilla Stuff: http://tinyurl.com/z86x3sg

Re: PrintNightmare: Update your PC immediately

<sd5nhl$hen$1@dont-email.me>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=1998&group=alt.windows7.general#1998

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: NIXCAPSsailfish@NIXCAPSunforgettable.com (Sailfish)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: Mon, 19 Jul 2021 22:39:01 -0700
Organization: A noiseless patient Spider
Lines: 38
Message-ID: <sd5nhl$hen$1@dont-email.me>
References: <scivkt$hd4$2@dont-email.me> <sctmdt$fmu$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 20 Jul 2021 05:39:02 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="7225f3ae3041e1de318bad62da182cc6";
logging-data="17879"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+k855B/PDWOjHERuYDL1BYcvsDaIyEdQs="
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
Cancel-Lock: sha1:/zOB0jvlxKDl8LN5AelVnwUhLlU=
In-Reply-To: <sctmdt$fmu$1@dont-email.me>
 by: Sailfish - Tue, 20 Jul 2021 05:39 UTC

Sailfish graced us with on 7/16/2021 9:30 PM:
> Michael Trew graced us with on 7/12/2021 8:00 PM:
>> Microsoft issues urgent security warning: Update your PC immediately
>>
>> Microsoft is urging Windows users to immediately install an update
>> after security researchers found a serious vulnerability in the
>> operating system.
>>
>> The security flaw, known as PrintNightmare, affects the Windows Print
>> Spooler service. Researchers at cybersecurity company Sangfor
>> accidentally published a how-to guide for exploiting it.
>>
> REF:
> https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/
>
> [excerpt quote=\"
> Microsoft shares guidance on new Windows Print Spooler vulnerability
>
> "The attack is not really related to PrintNightmare. As you know, PN can
> be executed remotely and this is a local only vulnerability," Baines
> confirmed to BleepingComputer.
> \" /]
>
REF:
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/

[excerpt quote=\"
Another zero day vulnerability in Windows Print Spooler can give a
threat actor administrative privileges on a Windows machine through a
remote server under the attacker's control and the 'Queue-Specific
Files' feature.
\" /]
Another day, another print spooler zero-day.

--
Sailfish
CDC Covid19 Trends: https://www.facebook.com/groups/624208354841034
Rare Mozilla Stuff: http://tinyurl.com/z86x3sg

Re: PrintNightmare: Update your PC immediately

<MPG.3b609352af7be7c398fdf3@news.individual.net>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2000&group=alt.windows7.general#2000

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: the_stan_brown@fastmail.fm (Stan Brown)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: Tue, 20 Jul 2021 09:02:01 -0700
Organization: Oak Road Systems
Lines: 21
Message-ID: <MPG.3b609352af7be7c398fdf3@news.individual.net>
References: <scivkt$hd4$2@dont-email.me> <sctmdt$fmu$1@dont-email.me> <sd5nhl$hen$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net TWdndJ9Z14+icldDWObZAwgYUse9ko7IHPAbGyvCCXLAm547LR
Cancel-Lock: sha1:xK1TAA7szCp28D3CFxV718EDz2U=
User-Agent: MicroPlanet-Gravity/3.0.4
 by: Stan Brown - Tue, 20 Jul 2021 16:02 UTC

On Mon, 19 Jul 2021 22:39:01 -0700, Sailfish wrote:
>
> REF:
> https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
>
> [excerpt quote=\"
> Another zero day vulnerability in Windows Print Spooler can give a
> threat actor administrative privileges on a Windows machine through a
> remote server under the attacker's control and the 'Queue-Specific
> Files' feature.
> \" /]
> Another day, another print spooler zero-day.

Please note: "through a remote server". If your computer is not set
up to be controlled remotely, it seems you have nothing to worry
about.

--
Stan Brown, Tehachapi, California, USA https://BrownMath.com/
https://OakRoadSystems.com/
Shikata ga nai...

Re: PrintNightmare: Update your PC immediately

<sd7q2u$qop$1@dont-email.me>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2002&group=alt.windows7.general#2002

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: NIXCAPSsailfish@NIXCAPSunforgettable.com (Sailfish)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: Tue, 20 Jul 2021 17:34:39 -0700
Organization: A noiseless patient Spider
Lines: 23
Message-ID: <sd7q2u$qop$1@dont-email.me>
References: <scivkt$hd4$2@dont-email.me> <sctmdt$fmu$1@dont-email.me> <sd5nhl$hen$1@dont-email.me> <MPG.3b609352af7be7c398fdf3@news.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 21 Jul 2021 00:34:38 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="0e63601e47b6cb93fed6cc506b5a077e";
logging-data="27417"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+YVi9YrnxZXC+K2JPuGPxYpBj/YkQFoQ4="
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
Cancel-Lock: sha1:jOexO8cuTajjzJyTtNZE/kvgM2M=
In-Reply-To: <MPG.3b609352af7be7c398fdf3@news.individual.net>
 by: Sailfish - Wed, 21 Jul 2021 00:34 UTC

Stan Brown graced us with on 7/20/2021 9:02 AM:
> On Mon, 19 Jul 2021 22:39:01 -0700, Sailfish wrote:
>> REF:
>> https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
>>
>> [excerpt quote=\"
>> Another zero day vulnerability in Windows Print Spooler can give a
>> threat actor administrative privileges on a Windows machine through a
>> remote server under the attacker's control and the 'Queue-Specific
>> Files' feature.
>> \" /]
>> Another day, another print spooler zero-day.
>
> Please note: "through a remote server". If your computer is not set
> up to be controlled remotely, it seems you have nothing to worry
> about.
>
True, but for those that are...

--
Sailfish
CDC Covid19 Trends: https://www.facebook.com/groups/624208354841034
Rare Mozilla Stuff: http://tinyurl.com/z86x3sg

Re: PrintNightmare: Update your PC immediately

<sd9gk5.dbc.1@ID-201911.user.individual.net>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2003&group=alt.windows7.general#2003

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!4.us.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: this@ddress.is.invalid (Frank Slootweg)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: 21 Jul 2021 14:05:37 GMT
Organization: NOYB
Lines: 26
Message-ID: <sd9gk5.dbc.1@ID-201911.user.individual.net>
References: <scivkt$hd4$2@dont-email.me> <sctmdt$fmu$1@dont-email.me> <sd5nhl$hen$1@dont-email.me> <MPG.3b609352af7be7c398fdf3@news.individual.net>
X-Trace: individual.net wZugUHDN/573Wmniv8ZhqwZW/OWJmX1duQa1+VIsq9EKpEeEhm
X-Orig-Path: not-for-mail
Cancel-Lock: sha1:e5bcdnd+8P0quFljizJ85hainHg=
User-Agent: tin/1.6.2-20030910 ("Pabbay") (UNIX) (CYGWIN_NT-6.3-WOW/2.8.0(0.309/5/3) (i686)) Hamster/2.0.2.2
X-Antivirus: Avast (VPS 210721-4, 07/21/2021), Outbound message
X-Antivirus-Status: Clean
 by: Frank Slootweg - Wed, 21 Jul 2021 14:05 UTC

Stan Brown <the_stan_brown@fastmail.fm> wrote:
> On Mon, 19 Jul 2021 22:39:01 -0700, Sailfish wrote:
> >
> > REF:
> > https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
> >
> > [excerpt quote=\"
> > Another zero day vulnerability in Windows Print Spooler can give a
> > threat actor administrative privileges on a Windows machine through a
> > remote server under the attacker's control and the 'Queue-Specific
> > Files' feature.
> > \" /]
> > Another day, another print spooler zero-day.
>
> Please note: "through a remote server". If your computer is not set
> up to be controlled remotely, it seems you have nothing to worry
> about.

Note that the text says "remote PRINT servers" (emphasis mine), so
it's not about "your computer [is] not set up to be controlled remotely"
- i.e. inbound -, but about your computer connecting to a print server -
i.e. outbound.

While this scenario is also not common, it can happen when the user
prints to a print server which (s)he trusts, but which has been
compromised without hir knowledge, i.e. at a library, office, etc., etc.

Re: PrintNightmare: Update your PC immediately

<sea9md$f9g$1@dont-email.me>

  copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=2120&group=alt.windows7.general#2120

  copy link   Newsgroups: alt.windows7.general
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: NIXCAPSsailfish@NIXCAPSunforgettable.com (Sailfish)
Newsgroups: alt.windows7.general
Subject: Re: PrintNightmare: Update your PC immediately
Date: Mon, 02 Aug 2021 19:29:31 -0700
Organization: A noiseless patient Spider
Lines: 54
Message-ID: <sea9md$f9g$1@dont-email.me>
References: <scivkt$hd4$2@dont-email.me> <sctmdt$fmu$1@dont-email.me> <sd5nhl$hen$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 3 Aug 2021 02:29:33 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="847a398e502ae3bd7086bfa91316fce2";
logging-data="15664"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+eMBJS4KKkFez5OZmLmPCKz/aoK6V1A9s="
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
Cancel-Lock: sha1:R8dTzmmwR+/qvaU2fBXf+6O9pqg=
In-Reply-To: <sd5nhl$hen$1@dont-email.me>
 by: Sailfish - Tue, 3 Aug 2021 02:29 UTC

Sailfish graced us with on 7/19/2021 10:39 PM:
> Sailfish graced us with on 7/16/2021 9:30 PM:
>> Michael Trew graced us with on 7/12/2021 8:00 PM:
>>> Microsoft issues urgent security warning: Update your PC immediately
>>>
>>> Microsoft is urging Windows users to immediately install an update
>>> after security researchers found a serious vulnerability in the
>>> operating system.
>>>
>>> The security flaw, known as PrintNightmare, affects the Windows Print
>>> Spooler service. Researchers at cybersecurity company Sangfor
>>> accidentally published a how-to guide for exploiting it.
>>>
>> REF:
>> https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-new-windows-print-spooler-vulnerability/
>>
>> [excerpt quote=\"
>> Microsoft shares guidance on new Windows Print Spooler vulnerability
>>
>> "The attack is not really related to PrintNightmare. As you know, PN
>> can be executed remotely and this is a local only vulnerability,"
>> Baines confirmed to BleepingComputer.
>> \" /]
>>
> REF:
> https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
>
> [excerpt quote=\"
> Another zero day vulnerability in Windows Print Spooler can give a
> threat actor administrative privileges on a Windows machine through a
> remote server under the attacker's control and the 'Queue-Specific
> Files' feature.
> \" /]
> Another day, another print spooler zero-day.
>
PrintNightmare (Gamma variant)

REF:
https://www.bleepingcomputer.com/news/microsoft/remote-print-server-gives-anyone-windows-admin-privileges-on-a-pc/

[excerpt quote=\"
Now anyone can get Windows SYSTEM privileges

Security researcher and Mimikatz creator Benjamin Delpy has been at the
forefront of continuing PrintNightmare research, releasing multiple
bypasses and updates to exploits through specially crafted printer
drivers and by abusing Windows APIs.
\" /]

--
Sailfish
CDC Covid19 Trends: https://www.facebook.com/groups/624208354841034
Rare Mozilla Stuff: http://tinyurl.com/z86x3sg

Pages:123
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor