Windows hit by 'PrintNightmare' exploit — what you need to know

1. Home
2. News
3. Windows

Windows hitting past 'PrintNightmare' exploit — what you need to know

(Epitome credit: Pixabay)

Windows users, take note: A new vulnerability has been discovered across multiple versions of the PC operating system that could enable significant exploits, such as remote attackers gaining access to your computer and modifying your data.

Called "PrintNightmare," the exploit takes reward of a security vulnerability plant inside the Windows Print Spooler service, which helps your PC manage the flow of print jobs being sent to a printer or print server.

• Best Windows 10 antivirus software
• Bitdefender vs. Kaspersky: Which antivirus is better?
• Plus: Windows 11 updates are taking cues from macOS — what that's good

While the Print Spooler is the source of the result, the potential consequences go well behind press.

According to Microsoft, which released "PrintNightmare" mitigation strategies yesterday (July 1), attackers could use the vulnerability to proceeds system-level access and remotely install programs on your PC, modify or delete data, or create new accounts with full user rights. Such techniques could be used for ransomware attacks, for example.

Microsoft'southward exploit acknowledgement page lists a wide array of Windows versions, including the electric current Windows x only also Windows vii, Windows viii.one, and various renditions of Windows Server. The company says that the vulnerability is already existence actively exploited.

Microsoft has not yet patched the exploit, but recommends installing the latest security update from June anyhow, along with disabling the Print Spooler service or disabling inbound remote press through Windows' Group Policy infrastructure. Microsoft has not yet rated the severity of the exploit, but the potential consequences of the attack are very serious indeed.

Co-ordinate to ITNews, news of the exploit may have been released prematurely. Hong Kong-based security group Sangfor Technologies planned to detail Windows Impress Spooler null-day exploits at the upcoming Blackness Lid United states conference and published the proof-of-concept exploit online. The firm then removed it after realizing that the exploit was notwithstanding active, simply the code had already been copied.

Oft, security firms share these discovered exploits with the software maker to ensure that they can exist patched out before details are shared with the public. In this case, however, the exploit proof-of-concept may take been published prematurely or at that place may take been a miscommunication between the group and Microsoft.

This isn't the first time that Windows Print Spooler has been exploited with disastrous results. The Stuxnet worm, discovered in 2010, similarly exploited a vulnerability in the service and wreaked havoc on Iran'due south nuclear facilities before spreading elsewhere effectually the globe.

• More than: 700 1000000 exposed in LinkedIn data scrape — what to do now

Andrew Hayward is a author and editor based in Chicago. His work covering tech, crypto, games, and esports has appeared in more than 100 publications around the world, including Polygon, Rolling Stone, Decrypt, and Stuff. He has covered cryptocurrency extensively since 2019, including coins, crypto games, and NFTs, and interviewed many creators and prominent figures in the space. He has also personally invested in several coins and currently holds less than i BTC, ii ETH, and 700 ADA, along with smaller amounts of other coins.

Source: https://www.tomsguide.com/news/windows-hit-by-printnightmare-exploit-what-you-need-to-know

Posted by: oursedweess.blogspot.com

Share this post