Is your computer safe from the PrintNightmare security flaw? Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.
The Security Flaw
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service. Researchers at cybersecurity company Sangfor accidentally published a how-to guide for exploiting it.
The researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it. Unfortunately, it was quickly published elsewhere online, including on the developer site GitHub.
Microsoft warned that hackers that exploit the vulnerability could install programs, view and delete data or even create new user accounts with full user rights. As a result, that gives hackers enough command and control of your PC to do some serious damage.
Windows 10 is not the only version in jeopardy — Windows 7, which Microsoft stopped supporting last year, is also subject to vulnerability.
How to Patch PrintNightmare
Despite announcing that it would no longer issue updates for Windows 7, Microsoft issued a patch for its 12-year old operating system, underscoring the severity of the PrintNightmare flaw. Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 will are “expected soon,” it said.
“We recommend that you install these updates immediately,” the company said.
If there’s any good news, the current security update is cumulative, meaning it contains previous fixes for previous security issues.
It’s the latest in a slew of security alerts from Microsoft in the past year and a half. The company faced multiple safety issues, including in 2020 when the National Security Agency alerted Microsoft to a major flaw in its Windows operating system. The flaw allowed hackers to impersonate legitimate software companies. And this year, hundreds of thousands of Exchange users faced four vulnerabilities that allowed hackers to access servers for the popular email and calendar service. Microsoft was also the target of a devastating SolarWinds breach.
Notably, Microsoft hasn’t released a patch for Windows 11. Its newest operating system, due out soon, is currently available to beta testers. According to CCS Insight, Windows 11 comes six years after Microsoft last overhauled its operating system. Today, Windows 10 is running on around 1.3 billion devices worldwide.
(Original Source: CNN.com)
About Cinch I.T.
Since 2004, Cinch I.T. has been providing customer-focused I.T. services for businesses of all sizes. Whether you need on-site support or a reliable cloud computing office, our computer support offers the fastest and friendliest service in the industry. Cinch is one of the nation’s fastest-growing I.T. support franchises with 8 locations and counting. To learn more about our history as a computer support service provider, visit cinchit.com. For more information about I.T. franchise opportunities, visit cinchfranchise.com.
Click here to find your nearest local Cinch I.T. office:
- Framingham, MA, Firstly;
- Marlborough, MA, Secondly;
- Newton, MA, Thirdly;
- Taunton, MA, Fourthly;
- Woburn, MA, Fifthly;
- Worcester, MA, Sixthly;
- Troy, MI, Seventhly;
- Vinings, GA, Lastly.