Microsoft has released an emergency patch to address a critical flaw in the Windows Print Spooler service that bad actors are actively exploiting, as noticed by The Verge. A few days ago, the tech giant has published a security advisory to notify users about the flaw called PrintNightmare, though it didn’t name the bad actors currently using it to infiltrate victims’ computers.
Attackers taking advantage of the vulnerability can remotely run code with system-level privileges, giving them the ability to install programs in the victims’ computers, delete or change data and create new accounts with full user rights. The vulnerability impacts all versions of Windows, and the company advised users to disable Print Spooler to deactivate local and remote printing to prevent hackers from getting in. They can also disable just the inbound remote printing capability through Group Policy.
Now, after investigating the vulnerability, Microsoft has issued patches for several versions of the Windows Server, Windows 10, Windows 8 and even Windows 7 — security updates for this OS ended in January 2020 — platforms. The vulnerability has been classified as “Critical,” which means its “exploitation could allow code execution without user interaction.” Microsoft is asking users to install the updates immediately or to take steps towards protecting their systems if they can’t.