Windows users need to install Microsoft’s emergency hotfix for the “PrintNightMare” vulnerability, the software giant recommends, after acknowledgment last week that the critical software fault was actively exploited. At the time, Microsoft admitted, it did not have a simple solution for the problem, which could allow hackers to take control remotely from a PC, install their own code and delete data. legitimate user.
The feat relies on a problem identified with the Windows Print Spooler service, which manages the management of printer work. “A remote code execution vulnerability exists when the Windows Print Spooler service performs privileged file operations,” Microsoft explained.
“An attacker who has successfully exploited this vulnerability could execute arbitrary code with system privileges,” conceded the software company. “An attacker could then install programs; see, modify or delete data; or create new accounts with complete user rights.”
A hotfix was developing, Microsoft said, but the temporary workaround was to disable the Windows print spooler service. Of course, it would have a striking impact on people to be able to print via this PC. Now, however, there is a solution for the print nightmare – at least for some systems.
“Microsoft has completed the survey and has published security updates to resolve this vulnerability,” the company confirmed at CVE-2021-34527. “We recommend that you install these updates immediately.”
For the moment, there are patches for multiple versions of Windows. This includes Windows 10 for PCs at home and business; Windows Server 2019, 2012 and 2008; Windows 8.1 and Windows Rty 8.1; and Windows 7.
Once installed, there will be new limits on how print drivers can be loaded. In particular, non-administrators will only be able to install print drivers signed on a print server; You will need to have administrator privileges to install unsigned drivers.
However, all systems do not have an available patch yet. “Updates are not yet available for Windows 10 version 1607, Windows Server 2016 or Windows Server 2012”, Microsoft Point. “Security updates for these versions of Windows will be published soon.”
It is remarkable for the potential scope of the fault. “All versions of Windows are vulnerable,” recognizes Microsoft. “Supported versions of Windows do not have security updates available on July 6 will be updated shortly after July 6” “”