Windows hit by 'PrintNightmare' exploit — what you need to know

1. Abode
2. News
3. Windows

Windows hit by 'PrintNightmare' exploit — what you need to know

(Image credit: Pixabay)

Windows users, take notation: A new vulnerability has been discovered across multiple versions of the PC operating system that could enable pregnant exploits, such as remote attackers gaining access to your computer and modifying your data.

Called "PrintNightmare," the exploit takes advantage of a security vulnerability institute inside the Windows Print Spooler service, which helps your PC manage the flow of print jobs existence sent to a printer or print server.

• All-time Windows 10 antivirus software
• Bitdefender vs. Kaspersky: Which antivirus is better?
• Plus: Windows 11 updates are taking cues from macOS — what that's adept

While the Print Spooler is the source of the upshot, the potential consequences go well backside printing.

According to Microsoft, which released "PrintNightmare" mitigation strategies yesterday (July 1), attackers could utilize the vulnerability to gain system-level admission and remotely install programs on your PC, modify or delete data, or create new accounts with total user rights. Such techniques could be used for ransomware attacks, for case.

Microsoft's exploit acknowledgement page lists a wide array of Windows versions, including the current Windows 10 but also Windows seven, Windows 8.1, and various renditions of Windows Server. The company says that the vulnerability is already being actively exploited.

Microsoft has not yet patched the exploit, but recommends installing the latest security update from June anyway, along with disabling the Impress Spooler service or disabling inbound remote printing through Windows' Grouping Policy infrastructure. Microsoft has not withal rated the severity of the exploit, but the potential consequences of the attack are very serious indeed.

Co-ordinate to ITNews, news of the exploit may take been released prematurely. Hong Kong-based security group Sangfor Technologies planned to detail Windows Impress Spooler goose egg-day exploits at the upcoming Black Hat USA conference and published the proof-of-concept exploit online. The firm then removed it later realizing that the exploit was still agile, but the code had already been copied.

Often, security firms share these discovered exploits with the software maker to ensure that they can be patched out before details are shared with the public. In this case, however, the exploit proof-of-concept may have been published prematurely or there may have been a miscommunication between the group and Microsoft.

This isn't the beginning time that Windows Impress Spooler has been exploited with disastrous results. The Stuxnet worm, discovered in 2010, similarly exploited a vulnerability in the service and wreaked havoc on Iran'southward nuclear facilities before spreading elsewhere around the world.

• More: 700 million exposed in LinkedIn data scrape — what to practice now

Andrew Hayward is a author and editor based in Chicago. His work roofing tech, crypto, games, and esports has appeared in more than 100 publications around the world, including Polygon, Rolling Stone, Decrypt, and Stuff. He has covered cryptocurrency extensively since 2019, including coins, crypto games, and NFTs, and interviewed many creators and prominent figures in the space. He has also personally invested in several coins and currently holds less than i BTC, 2 ETH, and 700 ADA, along with smaller amounts of other coins.

Source: https://www.tomsguide.com/news/windows-hit-by-printnightmare-exploit-what-you-need-to-know

Posted by: fitzsimmonsapped1960.blogspot.com

Share this post