HC3 Cyber Communications: Call on Mitigation Steps for the Critical Microsoft PrintNightmare Vulnerability

July 20, 2021

HHS ASPR and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) are hosting a call on mitigation steps for the critical Microsoft PrintNightmare vulnerability from 1:00 - 3:00 PM ET on Thursday, July 22. The PrintNightmare vulnerability is a “critical” exploit that affects the Windows print queue. This vulnerability allows attackers to execute remote code on your devices and take control of them. The mitigation process for the PrintNightmare vulnerability is a complicated and multistep process. Applying the patch is the first step, but there are more steps required. Please join the call and review the materials in the resources section for remediation steps necessary beyond the patch.

Call Details

Time: 1:00 - 3:00 PM ET on Thursday, July 22 Participant Dial-in: 800-857-6546 Participant Pin: 6326958

Subject matter experts (SME) will provide an explanation of the current alerts on the PrintNightmare vulnerability and the further threat of ransomware it presents. SME’s will also discuss the detail behind mitigations due to their complexity by sharing their lessons/observations from their engagements with Federal entities also dealing with this vulnerability.

The intent of this call is to have a technical discussion that is geared more towards security and IT teams, not necessarily the C-suite/Executive/CIO/CISO level. Participants will walk away more confident in their current actions or better prepared to implement the mitigations correctly.

CISA is aware of active exploitation, by multiple threat actors, of the PrintNightmare vulnerability. Exploitation of the vulnerability allows an attacker to remotely execute code with system level privileges enabling a threat actor to quickly compromise the entire identity infrastructure of a targeted organization.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

Senior Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

(M) +1 202 640 9159

Related Resources

Advancing Health Podcast
Public
On this AHA Advancing Health podcast, John Riggi, AHA senior advisor for cybersecurity and risk, speaks with his former FBI colleague Mike Orlando, acting…
Advisory
Public
Microsoft has released out-of-band security updates to address a remote code execution (RCE) vulnerability — known as PrintNightmare (CVE-2021-34527) — in the…
Advancing Health Podcast
Public
Hospitals and health systems have frequently been the target of high-impact ransomware attacks. In this podcast, John Riggi, AHA senior advisor for…
Letter/Comment
As a national critical infrastructure designated by the U.S. Department of Homeland Security, the healthcare sector faces an urgent need to strengthen the…
Letter/Comment
As a national critical infrastructure designated by the U.S. Department of Homeland Security, the healthcare sector faces an urgent need to strengthen the…
Advisory
Public
This cyber advisory reflects the FBI’s May 20 Conti alert, along with resources from AHA and other organizations.