Arguably bigger impact than the previous story, Microsoft has warned that there is an active exploit against all versions of Windows. This targets the Windows Print Spooler with a vulnerability known as PrintNightmare.
This can be mitigated by disabling the Print Spooler service, either locally or via Group Policy. The CISA has also issued a notification on this issue.
Microsoft has also warned of a critical .NET core remote code vulnerability issue in PowerShell 7. Customers are urged to install PowerShell 7.0.6 and 7.1.3 as soon as possible.
Why do we care?
There was a meme floating around that the fire of the Kaseya attack was bigger than the Microsoft one. The Kaseya one may feel bigger to IT services companies and have a greater active price tag… but this Microsoft one has far greater reach.
We care not to be overly distracted by one incident to ignore another. The US military has a guiding principle of being able to handle two wars at the same time. IT services companies should be asking themselves… how many fronts can I handle at the same time, and how do I prioritize?