By Juha Saarinen on Jul 8, 2021 10:19AM Remote code execution and privilege escalation still possible. Testing done by security researchers appears to bear out suspicions that Microsoft's urgent out-of-band patch released yesterday does not fully address the critical and exploited PrintNightmare zero-day vulnerability. United States Computer Emergency Response Team vulnerability analyst Will Dormann raised doubts that Microsoft's patch was sufficient to prevent remote code execution and local privilege escalation to the SYSTEM Windows user. Further testing done by Mimikatz security tool developer Benjamin Delpy points to Microsoft's patch being bypassable if the Windows Point and Print technology is enabled. Ho no… thanks to @bugch3ck idea about UNC path, KB5005010 “fix” about #printernightmare does not seems to block RCE (neither LPE) if Point&Print enabled …