Microsoft warns users to update PC 'immediately'2021-07-07 18:07 by Daniela
Tags: Microsoft, Windows, PrintNightmare
Microsoft has started rolling out an emergency Windows patch to address a critical flaw in the Windows Print Spooler service. The vulnerability, dubbed PrintNightmare, was revealed last week, after security researchers accidentally published proof-of-concept (PoC) exploit code. Microsoft has issued out-of-band security updates to address the flaw, and has rated it as critical as attackers can remotely execute code with system-level privileges on affected machines.
CNN reported that the firm Sangfor mistakenly tweeted in late May a proof-of-concept showing that they had found a security flaw in the Windows Print Spooler service, which allows multiple people to access the same printer.
While the firm eventually deleted the post, screenshots of it were posted other places online, prompting Microsoft to warn customers that hackers could use the vulnerability to install programs, as well as view or delete data.
"We recommend that you install these updates immediately," says Microsoft. "The security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as 'PrintNightmare', documented in CVE-2021-34527."
In fact, the threat is so severe that the company issued a patch for the 12-year-old Windows 7 more than a year after ending support for it. If you have automatic updates enabled, it's likely your PC has already downloaded the security update. Patches for operating systems aimed at IT professionals are expected soon.
Read more -here-