Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Critical vulnerability in Windows Print Spooler service leaves PCs open to remote code execution
PostedinPrivacy and Security Posted on July 6, 2021

Critical vulnerability in Windows Print Spooler service leaves PCs open to remote code execution

Posted By Kerry.Hershey

‘PrintNightmare’ exists on all Windows versions; Microsoft currently advises either disabling the service or blocking inbound remote requests

A hot potato: It’s not the first time IT admins and users have been alerted to a flaw in the Windows Print Spooler service. The latest 0-day vulnerability in this Windows component was apparently meant to be detailed in the upcoming annual Black Hat security conference, however, security researchers accidentally posted a proof-of-concept prematurely, and now Microsoft is warning users about the 0-day flaw being actively exploited in the wild.

Microsoft fixed an RCE vulnerability in the Windows Print Spooler service in its June Patch Tuesday security update, but now another 0-day flaw has surfaced that’s currently being investigated by the company and is noted to be under active exploitation.

Dubbed ‘PrintNightmare,’ the US Cybersecurity & Infrastructure Security Agency (CISA) has called it a ‘critical’ remote code execution vulnerability, though Microsoft is yet to assign it a severity score.

Essentially, a function in the Windows Print Spooler service allows a remotely authenticated attacker to run arbitrary code with SYSTEM privileges. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” notes Microsoft.

System admins have been strongly advised to disable the Windows Print Spooler service on servers/domain controllers/PCs that aren’t used for printing, while another recommended workaround is to disable inbound remote printing via Group Policy in case users still want access to local printing with a directly attached device.

This spooler service flaw is also reminiscent of the one discovered in 2016, and Microsoft notes that the latest vulnerability exists on all versions of Windows, though it’s not yet clear which versions are exploitable. A fix is currently said to be in the works, which Microsoft may release outside of its usual Patch Tuesday schedule.

Sourcelink

Tags: Microsoft Security Windows
Share on Facebook Share on Twitter
Previous Article
Microsoft has turned the Blue Screen of Death black in Windows 11
Next Article
Android app users targeted with cryptomining scams

About Author

Kerry.Hershey

Related Posts

  • Generative AI brings new risks to everyone. Here’s how you can stay safe

    May 12, 2023
  • Enhancing Email Security: Gmail Introduces Blue Verification Checks

    May 10, 2023
  • Cybercriminals Shift from Dark Web to Deep Web

    April 14, 2023
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • How to securely and completely delete files in Windows 10 without third-party software July 10, 2019 Emerging Technology & News
  • Broadcom to Acquire VMware for $61 Billion May 27, 2022 Business
  • FAQ: When will you have the Reimage technician's plan? November 24, 2010 Archive
  • Google Adds Voice and Video Calls to Chat in the Gmail App December 9, 2021 Emerging Technology & News
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok