CA Client Automation

 View Only
  • 1.  Windows printer bugg - CVE-2021-34527

    Posted Jul 07, 2021 04:56 AM

    Hi,

    Will there be any release of Microsofts Out-of-band patch in Patch Management for Windows Print Spooler bugg, known as "PrintNightmare", as documented in CVE-2021-34527.

    Regards,
    Per-Anders



    ------------------------------
    Iver AB
    ------------------------------



  • 2.  RE: Windows printer bugg - CVE-2021-34527

    Broadcom Employee
    Posted Jul 07, 2021 08:13 AM
    Hi Per-Anders,

    I asked the content team and this is the reply:

    Windows Print Spooler Remote Code Execution Vulnerability summary

     

    The following CVE has undergone a major revision increment.

    ======================================================================================

    * CVE-2021-34527

     - CVE-2021-34527 | Windows Print Spooler Remote Code Execution Vulnerability
     - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
     - Version: 2.0
     - Reason for Revision: CVE updated to announce that Microsoft is releasing an update
       for several versions of Window to address this vulnerability. Updates are not yet
       available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012
    .
       Security updates for these versions of Windows will be released soon. Other
       information has been updated as well. This information will be updated when more
       information or updates are available.
     - Originally posted: July 1, 2021
     - Updated: July 6, 2021
     - Aggregate CVE Severity Rating: Critical

     

    We are working on the available updates and publishing as individual patches as soon as possible.



    ------------------------------
    Senior Principal Engineering Solutions Architect
    Broadcom
    ------------------------------



  • 3.  RE: Windows printer bugg - CVE-2021-34527

    Broadcom Employee
    Posted Jul 07, 2021 01:47 PM
    Hi Per-Anders,

    We have published Microsoft Out-of-band patches as individual patches

    2021-07 Cumulative Update - Win10-KB5004950-x86-1507
    2021-07 Cumulative Update - Win10-KB5004950-x64-1507
    2021-07 Cumulative Update - Win10-KB5004947-x86-1809
    2021-07 Cumulative Update - Win10-Server2019-KB5004947-x64-1809
    2021-07 Cumulative Update - Win10-KB5004946-x86-1909
    2021-07 Cumulative Update - Win10-Server-KB5004946-x64-1909
    2021-07 Cumulative Update - Win10-KB5004945-x86-2004-21H1
    2021-07 Cumulative Update - Win10-Server-KB5004945-x64-2004-21H1
    2021-07 Security Monthly Quality Rollup - Windows8.1-KB5004954-x64
    2021-07 Security Monthly Quality Rollup - Windows8.1-KB5004954-x86
    2021-07 Security Only Update - Windows8.1-KB5004958-x64
    2021-07 Security Only Update - Windows8.1-KB5004958-x86
    2021-07 Security Monthly Quality Rollup - windows6.1-KB5004953-x64
    2021-07 Security Monthly Quality Rollup - windows6.1-KB5004953-x86
    2021-07 Security Only Update - windows6.1-KB5004951-x86
    2021-07 Security Only Update - windows6.1-KB5004951-x64
    2021-07 Security Monthly Quality Rollup - windows6.0-KB5004955-x64
    2021-07 Security Monthly Quality Rollup - windows6.0-KB5004955-x86
    2021-07 Security Only Update - windows6.0-KB5004959-x64
    2021-07 Security Only Update - windows6.0-KB5004959-x86

    These items will be available for acceptance in your Patch Manager GUI after the next successful run of the "Software Contents Download Job".


  • 4.  RE: Windows printer bugg - CVE-2021-34527

    Posted Jul 19, 2021 06:54 PM
    Good morning On my install (8.1ru7 and synced today) only appears the following KB:
    KB5004956
    KB5004960
    KB5004945
    And we are especially interested on:
    KB5004953 or KB5004951

    Could you confirm if is there something wrong with my install or this patches are not fully released?

    Kind regards,
    Iago


  • 5.  RE: Windows printer bugg - CVE-2021-34527

    Posted Jul 20, 2021 04:38 AM
    What product are you using ? 8.1ru7 doesn't look like a CA Client Automation release number.


  • 6.  RE: Windows printer bugg - CVE-2021-34527

    Posted Jul 20, 2021 04:41 AM
    Sorry, seems that is other product. We have installed the Client Management Suite 8.1.

    Kind regards,
         Iago


  • 7.  RE: Windows printer bugg - CVE-2021-34527

    Broadcom Employee
    Posted Jul 20, 2021 05:39 AM

    Hello Iago,

    We have already published the patches for KB: (KB5004953 or KB5004951). Please recycle CIC(Content import client) and verify in the patch manger. Patch names in the Patch manger is as follows:

    2021-07 Security Monthly Quality Rollup - windows6.1-KB5004953-x64
    2021-07 Security Monthly Quality Rollup - windows6.1-KB5004953-x86
    2021-07 Security Only Update - windows6.1-KB5004951-x86
    2021-07 Security Only Update - windows6.1-KB5004951-x64

    If still not find after recycle, please raise a support case.

    Regards,

    Krishna.