Microsoft has gone out of its way this week to fix a vulnerability known as "PrintNightmare." First official recognition by Microsoft on July 1. according to the full I.T. Block, the vulnerability meant any instance in which the Microsoft Windows Print Spooler service was running, a PC would be open to attackers, who could remotely execute malicious code at will.
News about the vulnerability fix, filename CVE-2021-34527, came to our attention via @Msftsecresponse on Twitter:
Microsoft has released updates to protect against CVE-2021-34527. See: https://t.co/QZATXCPXnxJuly 6, 2021
Printers are a relatively common target for hackers trying to gain control of machines, and once they are given system privileges, they can easily shuffle your data, delete or copy important files, and even create new accounts. with administrator rights, along with countless other subtle ones. activities.
Because one of the only solutions is for the system administrator to manually disable the Print Spooler service [not useful if you want to use it daily], it's a great relief that Microsoft has finally released a patch.
But the patch is not a complete solution, leaving Print Spooler users still open to local attacks. As Tijs Hofmans pointed out a tweakers, "It is still possible to make a file local privilege escalation. To avoid this, users can turn off the Point and Print feature. "
Here you can find Microsoft Windows Print Spooler security updates here. Just consider any clever-looking character, probably hooded, who uses your local network. So are hackers, right?