Microsoft has recently addressed a vulnerability to the Windows print spooler. This vulnerability is being referred to as “PrintNightmare”.
According to Microsoft PrintNightmare can be found in how the print spooler improperly executes privileged file operations. An attacker could leverage this vulnerability to change data, install programs, and create new accounts with full user rights, among other things.
What is a print spooler?
Print spooler is an executable file that manages the printing process. The spooler accepts print jobs from the computer and makes sure that the printer’s resources are available. It also schedules the order in which jobs are sent to the print queue for printing. The print spooler, however, is separate from the print driver which is specific to the printer’s manufacturer.
Who is at risk?
“All versions of Windows are vulnerable and domain controllers are affected if print spooler service is enabled. Point and Print can be exploited through the vulnerability as well.”
How do I safeguard my systems against PrintNightmare?
It’s always best to install security updates immediately. Microsoft has made these security updates available for Windows versions including Server 2019, Server 2016, Server 2012 and versions of Windows 7 and Windows 10. You can find more information on Microsoft security updates here.
Want to chat with one of our IT experts on how our Managed Network Services can assist you with all your IT and security needs? Contact us today!