关联漏洞
标题:
Microsoft Windows Print Spooler Components 安全漏洞
(CVE-2021-1675)
描述:Microsoft Windows Print Spooler Components是美国微软(Microsoft)公司的一个打印后台处理程序组件。 Microsoft Windows Print Spooler Components存在安全漏洞。以下产品和版本受到影响:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for AR
描述
A small powershell script to disable print spooler service using desired state configuration
介绍
# CVE-2021-1675 - PrintNightmare DSC Mitigation (PowerShell)
> Kougyoku Gentou | July 1, 2021
----------------------------------------------------------
[CVE-2021-1675](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1675) is a critical remote code execution and local privilege escalation vulnerability dubbed "PrintNightmare."
The mitigation is to disable Print Spooler service. Well, most websites say to do this on Domain Controllers only, but realistically it should be done on bascially any Windows Server that is not a print server. So let's fix it! This is using Powershell and Desired State Configuration to stop and disable the print spooler service from all computers in OUs of your choice. You might need to change up some of the variables in the top of the script to fit your environment, but should be self-explanatory.
文件快照
[4.0K] /data/pocs/1bfb318727bcdda46134a2170f1643193c01c4d9
├── [1.4K] Disable-PrintSpooler.ps1
└── [ 859] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。