Rewterz Threat Advisory – CVE-2021-34527 – Microsoft Windows Code Execution

Rewterz Threat Intel – IndigoZebra APT Group Targeting Central Asia – Active IOCs

July 2, 2021

Rewterz Threat Alert – Gamaredon APT – Active IOCs

July 5, 2021

Rewterz Threat Advisory – CVE-2021-34527 – Microsoft Windows Code Execution

Severity

High

Analysis Summary

CVE-2021-34527

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Print Spooler service. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with SYSTEM privileges.

Impact

Code Execution
Privilege Escalation

Affected Vendors

Microsoft

Affected Products

Microsoft Windows Server 2008 SP2 x32
Microsoft Windows 7 SP1 x32
Microsoft Windows 7 SP1 x64
Microsoft Windows 7 x64
Microsoft Windows Server 2012 R2
Microsoft Windows 10 x32
Microsoft Windows 10 1809 for 32-bit Systems
Microsoft Windows Server (Server Core installation) 2004

Remediation

Refer to Microsoft Web site for suggested workaround information. See References.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Rewterz Threat Intel – IndigoZebra APT Group Targeting Central Asia – Active IOCs

Rewterz Threat Alert – Gamaredon APT – Active IOCs

Rewterz Threat Advisory – CVE-2021-34527 – Microsoft Windows Code Execution

Severity

Analysis Summary

CVE-2021-34527

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan