Update (16/7/2021 – 18:30) – EB
PrintNightmare is causing a lot of headaches for Microsoft and Windows users despite the latest security updates released for the system. Now the Redmond company has recommended users to disable the Windows Print Spooler to prevent hacker attacks.
The vulnerability, dubbed PrintNightmare, is the third vulnerability to hit Microsoft’s system in 5 weeks and allows malicious code to run on computers through an elevation of privilege error tracked by code CVE-2021-34481. The bug was discovered by Jacob Baines of Dragos Security.
Once invaded, the computer has sensitive areas of the system infected with malware that manages to start automatically every time the computer restarts, making it even more difficult to remove.
In a statement, Microsoft explained how it identified the problem and what consequences it could lead to:
An attacker who successfully exploited this vulnerability to run malicious code with system privileges. The attacker can then install the programs; view, modify or delete data; or create new accounts with full user rights.
Despite the issues, Microsoft says security updates are still offered. However, Baines, who discovered the flaw, claims he had already alerted the company about the problem in June and doesn’t understand why the company only issued this notice now, as a solution would ideally be through a system update.
Finally, Microsoft also says that it is currently recommended to disable the Print Spooler via the Services app, which can be found in the Start Menu when searching. A solution is currently in development, but there is still no defined date for its launch.
Update (16/07/2021 – 14:32) – LR
Again?! Windows print spooler introduces new vulnerability after security update
Despite fixing the major vulnerability (the so-called ‘PrintNightmare’) in the Windows print spooler, the Microsoft system apparently contains another vulnerability that was not addressed by the cumulative update released solely to fix the software vulnerability.
According to information released this week, the Windows print spooler still has another flaw identified as: CVE-2021-34481and the service increases permissions when the spooler performs inappropriate operations on a file. This issue can be exploited by third parties that can install programs, view or modify data, create new user profiles with administrative permissions, and have a number of other flaws.
Although it’s a security breach, it seems CVE-2021-34481 is not as dangerous as PrintNightmare because physical access to the device is required to exploit the vulnerability. The developer did not comment on the new hole found and did not say when it will release a new update to fix the problem. Until then, the solution is to disable the Windows print spooler.
Update (07/09/2021) – FM
More problems! Windows users report errors after update that fixed “PrintNightmare” crash
Last Tuesday (06), Microsoft released an emergency update to fix a new flaw discovered in different versions of Windows. PrintNightmare is a critical vulnerability where hackers can inject code and modify software data via printer drivers over a local network.
The company promptly released the security patch that actually fixed the vulnerability and made the subsystem safe, but the update was damaged other Windows components — Users on different platforms reported problems using printers after installing the update.
More specifically, the operating system is reportedly no longer recognizing these devices, especially when using Zebra manufacturer’s printers. Microsoft is already aware of this issue, but there are concerns about it. users who uninstalled the update to make your printers functional again.
Downgrade obviously makes computers vulnerable to remote attacks registered under CVE-2021-34527; this includes Windows 10 21H1, 20H2, 2004 and Server, as well as older Windows 8.1 and 7 systems.
company, a nova fix coming soonTo prevent non-administrator users from installing drivers without rendering devices unusable. For now, keeping the update is recommended.
Original text (07/07/2021)
Windows Gets Emergency Update to Fix ‘PrintNightmare’ Security Flaw
one Microsoft As a matter of urgency, Tuesday (6) released an update for the update. Windows 10, 8.1 and 7 Update, aCritical vulnerability known as “PrintNightmare” in the operating system.
In practice, hackers can take advantage of: an existing flaw Windows Print Spooler, system component responsible for communicating with printers.
Attackers can remotely execute code, install programs, modify data and create new accounts with full administrative rights, e.g. take full control of the machine.
The critical flaw was discovered by security researchers last week and has worried all experts as Print Spooler is running at the highest privilege level. This component installs the necessary drivers and stores the file to be printed in RAM until the document is actually sent to paper.
How to fix and update
The vulnerability is now identified as CVE-2021-34527 and fixed in the update. The update supports 21H1, 20H2 or 2004 variants of Windows 10 in addition to Server, 7 and 8.1 versions of the system.
According to the “changelog” (update notes) published by Microsoft, the fix came as non-administrator users banned the installation of printer drivers.
one Microsoft recommends that you install the update immediately to avoid big problems. The patch is mandatory and therefore can be downloaded and installed automatically via Windows Update.
economy and market
To start the process go to the Windows search field in the Start Menu and search for “Update”, then you will be redirected to the updates page and the fix should already appear. Just click on download or install and you’re done! Your system will be more secure.
Deployment happens automatically, but you can also “force” the update from the following links:
So did you download the update? Let us know in the comments below!