
Securing Endpoint Vulnerabilities with EPM

In July 2021, news broke of a major Microsoft vulnerability, affecting millions of users worldwide. This Windows Print Spooler Remote Code Execution vulnerability (CVE-2021-34527 & CVE-2021-36958) enabled users to install printer drivers by elevating local user privileges. While users might find this convenient for their everyday needs, this privilege elevation leaves systems exposed and vulnerable to cyber threats. An attacker could easily exploit this loophole to leverage administrator privileges to install malware, steal or encrypt data, disrupt critical systems, and otherwise wreak havoc in IT infrastructures.


This is precisely the type of discovery that keeps IT admins up at night: a major threat to cybersecurity across all Windows 10 devices with widespread global use. Once discovered, Microsoft took action, and yet it took repeated attempts before they were able to successfully patch one of the two identified vulnerabilities. As of writing, the second vulnerability is still not patched.


What if there was a way to defend endpoints and IT infrastructure from vulnerabilities regardless of discovery speed or patches? As if they never existed?


There is… But first, let’s look at what exactly happened with PrintNightmare.