Microsoft has issued an urgent warning to its users to check for and install the “PrintNightmare” security patch if it’s relevant to the network. Organisations such as America’s Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre have reiterated the warning, as it becomes obvious just how dangerous the vulnerability is.
What is PrintNightmare?
PrintNightmare is a vulnerability in the operating system of the Windows Print Spooler Service, the system responsible for managing the jobs that are sent to print on a computer’s local printer or network printer. It tells your network what, where and when to print off your work, and is central to your network printing function. The PrintNightmare vulnerability allows criminals to gain access to the network via remote code execution with system privileges i.e. act like an administrator on your network, free to do whatever they please. They can exploit the vulnerability to install programs, view and delete data, or even create new user accounts with full user rights, giving them enough command of your PC and network to do some serious damage.
Both Windows 10 and Windows 7 are vulnerable, made even more so by the fact that the researchers at cybersecurity firm Sangfor accidentally published an internal guide on how to exploit the vulnerability. The publication was deleted within a few seconds, but not before it had been shared and republished on a number of other sites. What highlights the severity of the PrintNightmare flaw is that Microsoft issued a patch for Windows 7, despite discontinuing support for the end of life operating system.
How can you patch it?
Windows has already released security patches for Windows 7, Windows 8, Windows 10 and a number of its server operating systems, although not yet for Windows 11 which is available in beta form. Follow the link for your relevant patch and click to install updates. It has also been recommended that users disable the print spooler function on any system not used for printing in their network, to fully protect against the vulnerability while the patches are validated by experts.
Not sure how to do this? Speak to our team on 01453 700 800 and we’ll be happy to do it for you. All updates have been applied for our existing clients, who need not worry about taking action.
An important reminder
Whenever we use software, there is the potential for it to contain vulnerabilities, no matter how reputable the vendor. Criminals are finding ever more clever methods to exploit systems, and its this creativity that creates the potential of vulnerabilities. What this reminds us is just how important it is to keep software up to date, because security patches are released regularly and address all sorts of vulnerabilities within software, including how it runs, how secure it is, and how efficient it is on your hardware. Regular updates are an essential part of your cybersecurity defences, so make sure you have an appropriate plan in place and can support regular updates. Speak to our team on 01453 700 800 for help and advice.