Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Hackers have carried out over 65,000 attacks through Windows’ Print Spooler exploit
PostedinPrivacy and Security Posted on May 13, 2022

Hackers have carried out over 65,000 attacks through Windows’ Print Spooler exploit

Posted By Matthew.England

A number of vulnerabilities within the printing application has led to a string of cyberattacks from all over the world.

If you have used Windows’ Print Spooler application recently, you could be the victim of a hack. A new report, from cybersecurity company Kaspersky, has found that cybercriminals conducted approximately 65,000 attacks through Windows’ Print Spooler application between July 2021 and April 2022. In addition, nearly half (31,000) of the attacks have taken place in the first four quarter of 2022. Print Spooler is typically employed to help users manage the printing process, but due to numerous vulnerabilities has become a hotbed for cyber criminals looking to carry out attacks.

Print Spooler’s vulnerabilities and the numerous attacks

The exploits, CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare), were found through an uncommon source, as it was mistakenly published as a proof of concept (POC) to GitHub for the application’s vulnerabilities. Once on GitHub, users downloaded the POC exploit, and a number of severe gaps were discovered within the application. Just last month, another critical vulnerability was discovered, leading to many of the attacks as the cybercriminals were able to access corporate resources, according to Kaspersky.

Once the vulnerabilities were identified, Microsoft issued a patch, attempting to stop the attacks stemming from PrintNightmare and the recently discovered exploit, but some organizations that have fallen victim failed to download and implement the patch before being taken advantage of.

“Windows Print Spooler vulnerabilities are a hotbed for emerging new threats,” said Alexey Kulaev, security researcher at Kaspersky. “We anticipate a growing number of exploitation attempts to gain access to resources within corporate networks, accompanied by a high-risk of ransomware infection and data theft. Through some of these vulnerabilities, attackers can gain access not only to victims’ data but also to the whole corporate server. Therefore, it is strongly recommended that users follow Microsoft’s guidelines and apply the latest Windows security updates.”

The attacks have targeted users from a number of countries around the world, as the cybersecurity company found that from July 2021 to April 2022, nearly a quarter of detected hits came from Italy. Outside of Italy, users in Turkey and South Korea were the most actively attacked, and most recently, researchers also discovered that over the past four months attackers were most active in Austria, France and Slovenia.

How to protect your systems from the exploit

In order for users to protect themselves from being the next victims of an attack, Kaspersky offers the following tips:

  • Install patches for new vulnerabilities as soon as possible
  • Performing a regular security audit of organization IT infrastructure
  • Use a protection solution for endpoints and mail servers with anti-phishing capabilities
  • Use dedicated services that can help fight against high-profile attacks
  • Installing anti-APT and EDR solutions, enabling threat discovery and detection

Ensuring that all system vulnerabilities have been patched is recommended as the best solution for the exploit in question, according to the security company. Outside of this specific instance, always having up to date endpoint security and employing a zero trust model are the best ways to avoid being exploited.

Source: https://www.techrepublic.com/article/hackers-have-carried-out-over-65000-attacks-through-windows-print-spooler-exploit/

Share on Facebook Share on Twitter
Previous Article
Razer’s new Viper V2 Pro wireless gaming mouse weighs just 58g
Next Article
How to Enable or Disable Mouse ClickLock in Windows 11

About Author

Matthew.England

Related Posts

  • Ransomware access broker steals accounts via Microsoft Teams phishing

    September 13, 2023
  • Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits

    September 7, 2023
  • FBI: Hackers Are Having a Field Day With Open-Source AI Programs

    August 10, 2023
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • ChatGPT: Microsoft to invest billions in chatbot maker OpenAI January 25, 2023 Business
  • How to use search folders to keep up with today’s email in Outlook April 21, 2022 Computer Help
  • Malware Discovered on XP Netbook May 20, 2009 Archive
  • New Apple 27-inch iMac: Hands-on with a work-from-home beast August 6, 2020 Reviews
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok