Microsoft Warns Windows Users Of Unpatched Critical Bug
- ByStartupStory | July 3, 2021
Microsoft has warned Windows users of an unpatched critical bug that can enable hackers to install malicious programs and access key data on their systems. A captious flaw is present in the Windows Print Spooler service and is nicknamed as ‘PrintNightmare’. The US national cyber agency has said that the attacker can exploit ‘PrintNightmare’ to take control of an affected system. The company said in an update on Thursday, “Microsoft is aware of and investigating a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation,”.
When the Windows Print Spooler service improperly performs privileged file operations then a remote code execution vulnerability exists. “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft warned. Further Microsoft said, “The code that contains the vulnerability is in all versions of Windows”. The Print Spooler service runs by default on Windows, including on client versions of the OS, Domain Controllers, and many Windows Server instances.Vulnerabilities in the Windows Print Spooler service have been a serious problem for system administrators for years.
The US Cybersecurity and Infrastructure Security Agency (CISA) has encouraged “administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print.”Microsoft is working on it and has asked users to disable the Windows Print Spooler service, or disable inbound remote printing through Group Policy. “Exploits such as this underline how important it is to both securely authenticate users and be in a position to identify unusual network activity,” Martin Lee, technical lead at Cisco Talos, told The Registrar.