Researchers have bypassed Microsoft’s emergency patch for the PrintNightmare vulnerability to achieve remote code execution and local privilege escalation with the official fix installed. Microsoft released an out-of-band KB5004945 security update that was supposed to fix the vulnerability that researchers disclosed by accident last month. Researchers are warning against installing Microsoft’s July 6th patch as it not only doesn’t protect against the vulnerabilities but modifies the ‘localsplplpldll’ file so 0Patch’s patch no longer works.
Source: https://www.bleepingcomputer.com/news/microsoft/microsofts-incomplete-printnightmare-patch-fails-to-fix-vulnerability/