top of page

Microsoft's Flawed Patch to a Simple Exploit

Here's an update to last night's tip, which warned about the Printer Spooler vulnerability in Windows. Microsoft's fix has its own shortcomings.


Cybersecurity expert Will Dormann has warned that if the PointandPrint setting in the Registry Editor is set to 1, Microsoft's patch will not prevent remote code execution.




Because Microsoft's patch does not account for files referenced with Universal Naming Convention, it will not block remote files used for the exploit. UNC simply references a file with a path in this form:


\\server\share\path\filename






Recent Posts

See All

Sean O'Shea has more than 20 years of experience in the litigation support field with major law firms in New York and San Francisco.   He is an ACEDS Certified eDiscovery Specialist and a Relativity Certified Administrator.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer.

If you have a question or comment about this blog, please make a submission using the form to the right. 

Your details were sent successfully!

© 2015 by Sean O'Shea . Proudly created with Wix.com

bottom of page