Using Cortex XSOAR to Deal with PrintNightmare

cancel
Showing results for 
Search instead for 
Did you mean: 
Community Team Member

Using Cortex XSOAR to Deal with PrintNightmareUsing Cortex XSOAR to Deal with PrintNightmare

 

Having to deal with vulnerabilities is always a chore for any network security professional. That goes without saying, but what is always helpful are ways to use tools that you already own to help address these vulnerabilities. 

 

What is PrintNightmare?

The issue that I would like to talk with you about today is the PrintNightmare (CVE-2021-1675) vulnerability. 

If you are not familiar with the PrintNightmare (CVE-2021-1675), this is a vulnerability that allows remote code execution on Windows Print Spooler.

 

Although there are updates available that address this issue, there is still a chance your machines could still be vulnerable. We are here to help.

 

How can Cortex XSOAR help?

One of the key aspects of Cortex XSOAR is the ability to automate security operations. Cortex XSOAR released two playbooks to address the PrintNightmare vulnerability: CVE-2021-1675 | CVE-2021-34527 - PrintNightmare playbook and a detection and response playbook with the Cortex XDR.

 

PrintNightmare playbook in action inside Cortex XSOARPrintNightmare playbook in action inside Cortex XSOAR

 

All of this information, ways that this vulnerability can be exploited, details on exactly how Cortex XSOAR's can be used to address this vulnerability can all be found in the Remediating PrintNightmare (CVE-2021-1675) Using Cortex XSOAR blog on Palo Alto Networks' main page.

 

We hope that you find this information useful.

 

Thanks for taking time to read my blog.
If you enjoyed this, please hit the Like (thumb up) button, don't forget to subscribe to the LIVEcommunity Blog area.

 

As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,
Joe Delio
End of line

Register or Sign-in
Labels
Top Liked Authors