Attackers can exploit CVE-2020-1048 with a single PowerShell command: Add-PrinterPort -Name c:\windows\system32\ualapi.dll On an unpatched system, this will install a persistent backdoor, that won't go away *even after you patch*. See https://windows-internals.com/printdemon-cve-2020-1048/ … for more details.
Though perhaps to be more specific here, the updates are still published and freely downloadable: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4556836 … are the May 2020 Monthly Quality Rollups for Windows 7. They just seem to be not installable on a stock Win7 system. Perhaps paying gets you that ability?
-
-
Exactly. You can download them at will but you can only install them if you have the proper (purchased) key in place. (Though I heard 0patch provides all high-risk patches for the same 3 years, plus many 0day patches - I believe they're preparing a patch for this one too ;) )
-
Turns out my sources were right:https://twitter.com/0patch/status/1263099610580598789 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.