Having to deal with vulnerabilities is always a chore for any network security professional. That goes without saying, but what is always helpful are ways to use tools that you already own to help address these vulnerabilities.
What is PrintNightmare?
The issue that I would like to talk with you about today is the PrintNightmare (CVE-2021-1675) vulnerability.
If you are not familiar with the PrintNightmare (CVE-2021-1675), this is a vulnerability that allows remote code execution on Windows Print Spooler.
Although there are updates available that address this issue, there is still a chance your machines could still be vulnerable. We are here to help.
One of the key aspects of Cortex XSOAR is the ability to automate security operations. Cortex XSOAR released two playbooks to address the PrintNightmare vulnerability: CVE-2021-1675 | CVE-2021-34527 - PrintNightmare playbook and a detection and response playbook with the Cortex XDR.
All of this information, ways that this vulnerability can be exploited, details on exactly how Cortex XSOAR's can be used to address this vulnerability can all be found in the Remediating PrintNightmare (CVE-2021-1675) Using Cortex XSOAR blog on Palo Alto Networks' main page.
We hope that you find this information useful.
Thanks for taking time to read my blog.
If you enjoyed this, please hit the Like (thumb up) button, don't forget to subscribe to the LIVEcommunity Blog area.
As always, we welcome all comments and feedback in the comments section below.
Stay Secure,
Joe Delio
End of line
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
| Subject | Likes |
|---|---|
| 5 Likes | |
| 2 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like |
