When you subscribe we will use the information you provide to send you these newsletters. Sometimes they’ll include recommendations for other related newsletters or services we offer. Our Privacy Notice explains more about how we use your data, and your rights. You can unsubscribe at any time.
Windows 10 and Windows 7 users need to be aware of an important security alert Microsoft has issued. The Redmond-based tech giant is warning that all versions of Windows are at risk from a security vulnerability that hackers are actively exploiting at the moment. As reported by The Verge, the unpatched – and critical – issue resides in the Windows Print Spooler service.
This bug has been labelled PrintNightmare and lets bad actors remotely execute code with system-level privileges.
In terms of how dangerous bugs can be, that’s about as serious and dangerous as it gets.
The threat was discovered by cybersecurity researchers at Sangfor.
In the aftermath of this threat being discovered, Microsoft issued a security advisory.
Windows 11: Microsoft teases brand new software update
They said PrintNightmare has been exploited in the wild and Windows users needed to install security updates released towards the start of June.
Microsoft said: “Microsoft is aware of and investigating a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation and we will update the CVE as more information is available.
“A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
The Windows makers went on to add: “Please ensure that you have applied the security updates released on June 8, 2021, and see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.”
Bleeping Computer reported that a separate threat assessment they had seen for Microsoft 365 Defender customers said PrintNightmare was being actively exploited by attackers.
Unfortunately, while Microsoft advises Windows users to install the June 8 update, there is no specific patch available – at the time of writing – to address the zero-day.
Microsoft said they are working on a fix and are investigating the issue.
In the meantime the Windows 11 and Windows 10 makers have offered up mitigation measures for the threat.
This includes disabling the Printer Spooler service and disabling inbound remote printing through Group Policy.
Source: Read Full Article