After security researchers uncovered a critical vulnerability in the operating system, Microsoft recommends Windows users install an update as soon as possible. The PrintNightmare security issue affects the Windows Print Spooler service. Researchers from the cybersecurity firm Sangfor inadvertently published a how-to guide for exploiting it.
In late May, the researchers announced that they had discovered vulnerabilities in Print Spooler, allowing multiple users to access a printer. They accidentally uploaded a proof-of-concept online and then erased it. However, they did not manage to take it down before it was published elsewhere online, including developer site GitHub.
Microsoft (MSFT) said that exploiting the weakness might allow hackers to install applications, view and erase data, and even establish new user identities with full user rights. That offers hackers complete command and control of your computer, allowing them to cause catastrophic damage. Windows 10 is not the only version susceptible; Windows 7, for which Microsoft stopped support last year, is also vulnerable.
Despite saying that it would no longer be issuing updates for Windows 7, Microsoft released a fix for the 12-year-old operating system. This emphasizes the severity of the PrintNightmare bug.
According to the announcement, updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 are “due soon”. If there is any good news, the latest security update is cumulative. This means that it includes earlier patches for past security vulnerabilities.
It is the most recent in a long line of security alerts from Microsoft in the previous year and a half. The company involves in several security crises, most recently in 2020, when the National Security Agency notified Microsoft of a severe flaw in its Windows operating system that may allow hackers to pose legitimate software companies.
Released a patch for Windows 11
This year, hundreds of thousands of Exchange customers targeting when four flaws in the software allowed hackers to get access to the popular email and calendar service’s servers. A massive SolarWinds leak also targeted Microsoft. Notably, no patch for Windows 11 publishing by Microsoft. Its newest operating system, which has set to be released soon, is already available to beta testers. According to CCS Insight, Windows 11 arrives six years after Microsoft last redesigned its operating system with Windows 10. This is a significant update running on approximately 1.3 billion devices globally.