gadget-bridge
HomeComputersMicrosoft released an emergency Windows update to address PrintNightmare security vulnerability: Everything...

Microsoft released an emergency Windows update to address PrintNightmare security vulnerability: Everything you should know

The Windows users are recommended to install these updates immediately 

- Advertisement -

In an emergency security update, Microsoft has released a patch to fix a critical flaw in the Windows Print Spooler service. The vulnerability called PrintNightmare was discovered by some security analysts who accidentally published a proof-of-concept (PoC) exploit. The security flaw allows attackers to remotely execute code with system-level privileges and take over the victim host completely, to carry out malicious operations. 

To address the PrintNightmare security flaw impacting the Windows Print Spooler service, Microsoft has rolled out-of-band security updates for all supported versions of Windows. This vulnerability allows attackers to print functionality inside local networks when print capabilities are exposed to the Internet. As explained by the company, the remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

- Advertisement -

However, this is said to be a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems. As per the company, the fix fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections. See: KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates.

Microsoft also states that “ Please note that not all versions of the update are available today as some packages are not quite ready for release. We feel that it is important to provide security updates as quickly as possible for systems that we can confidently protect today. Unfortunately, security updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 will be delayed for a short period, but they are expected soon.” 

- Advertisement -

One can also disable the inbound remote printing as explained below:

Go to Computer Configuration > Administrative Templates > Printers and switch off the Allow Print Spooler to accept client connections option. The user is also required to restart the Print Spooler service to make the changes.

- Advertisement -

But soon after the pact was released, a security researcher brought another issue with the security update revealing how exploits could bypass the patch.

Benjamin Delpy, a developer of the hacking and network utility Mimikatz via tweet said, “ Dealing with strings & filenames is hard😉 New function in #mimikatz 🥝to normalize filenames (bypassing checks by using UNC instead of \\server\share format). So an RCE (and LPE) with #printnightmare on a fully patched server, with Point & Print enabled.

He also shared a video that demonstrates the security pact failed to fix the vulnerability using a certain setting named paint and print that simply allows networks users to get hands-on with the required printer drivers.

However, the fix may be incomplete but it does provide protection from other types of attacks that exploit the print spooler vulnerability. So the Windows users are recommended to install these updates immediately and should wait for further instructions. 

For the latest gadget and tech news, and gadget reviews, follow us on TwitterFacebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.

- Advertisement -

Support Us

We are a humble media site trying to survive! As you know we are not placing any article, even the feature stories behind any paywall or subscription model. Help us stay afloat, support with whatever you can!

Support us
- Advertisement -
Komila Singh
Komila Singhhttp://www.gadgetbridge.com
Komila is one of the most spirited tech writers at Gadget Bridge. Always up for a new challenge, she is an expert at dissecting technology and getting to its core. She loves to tinker with new mobile phones, tablets and headphones.
- Advertisment -
- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -
- Advertisement -

Follow Us

- Advertisement -

Must Read

BGMI redeem codes for 23 September 2023, claim and receive rewards and benefits

BGMI redeem codes for 23 September 2023, claim and receive rewards...

0
After being banned for nearly ten months, Battleground Mobile India, aka BGMI, is officially available again in India. BGMI fans are looking for ways...
- Advertisement -
- Advertisement -

You cannot copy content of this page