It’s a living PrintNightmare—Tuesday, Microsoft revealed it had identified a serious vulnerability in its operating system that could allow hackers to delete data on your PC, install programs or even create new user accounts with full control permissions for themselves .
The flaw, dubbed PrintNightmare, affects the Windows Print Spooler service, which allows Microsoft to manage the files and documents you spool up for printing. This feature is enabled by default on every Microsoft computer, including those running Windows 10, Windows 8.1, and older Windows 7, as well as Administrative Servers 2004 and 2008 through 2019.
The flaw was discovered by researchers in May, who planned to create a patch and present the results at the annual Black Hat Cybersecurity Summit. But then here comes the nightmare, they accidentally released their proof of concept, basically a how-to guide to exploiting the code, to the web. It was quickly removed, but not before making the rounds of the internet, on sites like the popular developer forum GitHub.
We have removed the POC from PrintNightmare. To mitigate this vulnerability, please update Windows to the latest version or disable the Spooler service. For more RCE and LPE in Spooler, stay tuned and wait for our Blackhat chat. https://t.co/heHeiTCsbQ
— zhiniang peng (@edwardzpeng) June 29, 2021
Microsoft has since detected the malicious code in the wild and recommends that all PC users take immediate action to defend their computers against the flaw.
Here’s how:
- Step 1: Be sure to install Microsoft’s June 2021 emergency security update. This fixes one of two major flaws in the Windows Print Spooler system. Download the version for your system here; all options are listed under “Security Updates”.
- 2nd step: Unfortunately, there is no patch yet for the second flaw, so Microsoft and the Federal Agency for Cybersecurity and Infrastructure Security are advising people to disable the Windows Print Spooler when not in use for the impression. Follow the instructions listed under “Workarounds” here. It involves a bit of coding magic via PowerShell, a program you can Download here.
Comments are closed.