By Emma Nitzsche
Microsoft issued an urgent security warning to Windows 10 and 7, asking all users to install the latest security patch without delay after researchers found a severe vulnerability in the operating system.
The security flaw is known as ‘PrintNightmare’ and is part of the Windows Print Spooler service. Microsoft’s researchers accidentally published a detailed guide to exploiting the program, and the guide was leaked online. The threat was discovered earlier this month, allowing hackers to execute code with system-level privileges remotely.
Bad actors could exploit the vulnerability by installing programs, deleting data, or creating new accounts with full user rights. Essentially, a criminal could install software onto PCs and keep a log of everything typed on the keyboard. As a result, users’ personal information such as banking details and passwords could be exposed and exploited.
Thankfully, Microsoft discovered the vulnerability and found a way to fix the PrintNightmare bug. Windows fans should protect their information by installing the latest updates as quickly as possible.
“Microsoft has completed the investigation and has released security updates to address the vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately,” the research company working with Microsoft said.
Microsoft has issued patches for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1, and other supported versions of Windows 10. In addition, updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 are expected soon.
Most bugs take software companies a while to fix, but Microsoft pushed out the security update rapidly since users were already exploited.
Additionally, Microsoft encouraged administrators to disable the Windows Print spooler service in Domain Controllers on systems that do not print.
“Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object,” the Cybersecurity and Infrastructure Security Agency said.
Microsoft has experienced a string of safety issues in recent years. In 2020 the National Security Agency alerted Microsoft of a significant flaw in its Windows operating system that could let hackers pose legitimate software companies. In January, a vulnerability in the Exchange software allowed hackers to access servers for the popular email and calendar service.