• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Easy Cloud Security

Our goal is to make cloud security easy and affordable.

  • Home
  • Contact

Microsoft Warns of Critical Vulnerability Called ‘PrintNightmare’

June 23, 2022 By ray Leave a Comment

Microsoft is reportedly warning Windows users about an unpatched critical flaw in the Windows Print Spooler service, dubbed “PrintNightmare.” The critical bug allows attackers to execute code with system-level privileges in Windows computers.

The Verge reports that Microsoft has begun warning Windows users of an unpatched critical flaw in the Windows Print Spooler service that has been dubbed “PrintNightmare.” The vulnerability was uncovered earlier this week after security researchers accidentally published a proof-of-concept (PoC) exploit.

Microsoft has yet to rate the vulnerability but it allows attackers to execute code with system-level privileges which is a critical issue for Windows users. Researchers at Sangfor published the PoC in what appears to be a mistake or miscommunications between the researchers and Microsoft. The test code was quickly deleted but not before being forked (copied) on GitHub.

Sangfor researcher had reportedly been planning to detail multiple 0-day vulnerabilities in the Windows Print Spooler service at the annual Black Hat security conference late this month. It appears that the researchers believed that Microsoft had patched this particular security issue after the company published patches for a separate Windows Print Spooler flaw.

Days later, Microsoft is warning users of the potential issue. Microsoft admits “the code that contains the vulnerability is in all versions of Windows,” but it is not currently clear if its exploitable beyond server versions of Windows, meaning the majority of retail Windows users may be safe.

Microsoft is currently working on a patch but until it’s available, the company recommends disabling the Windows Print Spooler service, or disable inbound remote printing through Group Policy.  The Cybersecurity and Infrastructure Security Agency (CISA) has recommended that admins “disable the Windows Print Spooler service in Domain Controllers and systems that do not print.”

Filed Under: Common Vulnerabilities and Exposures (CVE)

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Footer

Our Main Office

24612 Narbonne Ave, Lomita, CA 90717

Phone: 626-607-4250
Email: [email protected]

Please visit our Portfolio site.

Silverdale, WA

2034 NW Bobwhite Lane, #A2-201, Silverdale, WA 98383

About Us

At Easy Cloud, we give enterprises the ability to adopt the Amazon Web Services (AWS) cloud infrastructure quickly, efficiently, and at scale. Freeing our customers from traditional IT models enables them to innovate and become tomorrow’s leaders.

Copyright © 2022 · Powered by Easy Cloud Solutions