PrintNightmare fix means you should update your Windows PC immediately

Microsoft has issued a critical software update for Windows machines after security researchers discovered a serious vulnerability known as PrintNightmare.

The vulnerability affects the Print Spooler functionality, which enables multiple users to access the same printer. “We recommend that you install these updates immediately,” Microsoft said.

Cybersecurity company Sangfor had published their findings in May and, accidentally, published a report which included a guide to exploiting the flaw for Windows 7 and Windows 10. It was deleted by the company, but not before it was published to Github, giving bad actors a neat little bow-tied how-to guide for the vulnerability which has remained live since.

Microsoft said those who could exploit the flaw could commandeer a PC to install programs and create new user accounts with administrator privileges. That could do serious damage to the best laptops, limit owners’ ability to control the machine and could lead to harmful data theft and exploitation.

We deleted the POC of PrintNightmare. To mitigate this vulnerability, please update Windows to the latest version, or disable the Spooler service. For more RCE and LPE in Spooler, stay tuned and wait our Blackhat talk. https://t.co/heHeiTCsbQ

— zhiniang peng (@edwardzpeng) June 29, 2021

In a post on the Microsoft Security Blog, the company wrote: “Today Microsoft released an Out-of-Band (OOB) security update for CVE-2021-34527, which is being discussed externally as PrintNightmare. This is a cumulative update release, so it contains all previous security fixes and should be applied immediately to fully protect your systems.

“The fix that we released today fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections.”

The new feature restricts the installation of new printer drivers following the update, enabling users to protect their machines moving forward.

Some Windows Server versions will get the update soon, but everyone else will be able to download the update via the usual Windows Update version. The vulnerability does not appear to affect machines running the Windows 11 preview builds because Microsoft has not released the patch for those betas.

The launch of the patch for Windows 7 is good news for those who haven’t updated, considering Microsoft has long halted official support for the legacy OS.