Dealing with vulnerabilities is a chore for any network security professional. That goes without saying, but it always helps to have ways to use tools you already own to address these vulnerabilities.
What is PrintNightmare?
The issue that I would like to talk with you about today is the PrintNightmare (CVE-2021-1675) vulnerability.
If you are not familiar with PrintNightmare (CVE-2021-1675), it is a vulnerability that allows remote code execution in the Windows Print Spooler.
Although updates that address this issue are available, there is a chance your machines could still be vulnerable. We are here to help.
How can Cortex XSOAR help?
One of the key aspects of Cortex XSOAR is the ability to automate security operations. Cortex XSOAR released two playbooks to address the PrintNightmare vulnerability: the "CVE-2021-1675 | CVE-2021-34527 - PrintNightmare" playbook and a detection and response playbook with Cortex XDR.
PrintNightmare playbook in action inside Cortex XSOAR