Microsoft warns about new vulnerability "PrintNightmare"

Assumption is the mother of all f-ups. Proven again and again. When will people learn.
If you have a printer: Go to "Edit Group Policies", select "Computer Configuration", select "Administrative Templates", select "Printers", and disable the option "Allow the print job manager to accept client connections"
I am on Win 10, I only have "Allow Print Spooler to accept client connections" so have disabled that instead.
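The two controls mentioned in these comments (the Print Spooler service itself and the "Allow Print Spooler to accept client connections" policy) can be checked from PowerShell. This is an added example, not part of the thread; the function name `Get-SpoolerExposure` is hypothetical, and it assumes the policy is stored as the DWORD `RegisterSpoolerRemoteRpcEndPoint` (1 = enabled, 2 = disabled) under the Printers policy key.

```powershell
# Added example (not from the thread): read-only audit of the two Print Spooler
# controls the comments mention. It changes nothing on the machine.
# Assumption: the policy "Allow Print Spooler to accept client connections" is
# stored as DWORD RegisterSpoolerRemoteRpcEndPoint (1 = enabled, 2 = disabled).
function Get-SpoolerExposure {
    [CmdletBinding()]
    param()

    $policyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
    $policyName = 'RegisterSpoolerRemoteRpcEndPoint'

    # Service state; $svc is $null if the service does not exist.
    $svc = Get-Service -Name Spooler -ErrorAction SilentlyContinue

    # A missing key or value means the policy is "Not Configured".
    $raw = $null
    if (Test-Path -Path $policyKey) {
        $raw = (Get-ItemProperty -Path $policyKey -Name $policyName -ErrorAction SilentlyContinue).$policyName
    }
    $policyState = 'Not configured'
    if ($raw -eq 1) { $policyState = 'Enabled' }
    elseif ($raw -eq 2) { $policyState = 'Disabled' }

    # Combine both settings into one plain-language assessment.
    if (-not $svc) {
        $summary = 'Spooler service not found'
    } elseif ($svc.Status -ne 'Running' -and $svc.StartType -eq 'Disabled') {
        $summary = 'Spooler stopped and disabled: no printing, spooler cannot be reached'
    } elseif ($svc.Status -ne 'Running') {
        $summary = "Spooler stopped but start type is $($svc.StartType): it can be started again"
    } elseif ($policyState -eq 'Disabled') {
        $summary = 'Spooler running, client connections refused by policy: local printing only'
    } else {
        $summary = 'Spooler running and policy does not refuse client connections'
    }

    [pscustomobject]@{
        ServiceStatus           = $svc.Status
        StartType               = $svc.StartType
        ClientConnectionsPolicy = $policyState
        Summary                 = $summary
    }
}

Get-SpoolerExposure | Format-List
```

A change to the policy only takes effect once the Print Spooler service has been restarted, so re-run the check after restarting it.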
van_dammesque:

I am on Win 10, I only have "Allow Print Spooler to accept client connections" so have disabled that instead.
You can disable publishing it as well
https://cdn.discordapp.com/attachments/247515315825672203/861568210569658398/unknown.png It's disabled by default, unless you're sharing a wired printer amongst your local network. This exploit requires the installation of a compromised printer driver in the first place, it cannot be exploited simply by having client connections available. (or other trojan exploit) If your print domain is already infected, this exploit allows clients to be easily infected since the infected driver will be added to the print server store, clients could pull it down by clicking on or trying to print to it.
Webhiker:

Assumption is the mother of all f-ups. Proven again and again. When will people learn.
I think it is more MS that should be speedier in fixing or disabling the policy with an update if they know the research came from an external lab.
It's "Print Spooler" on 7.
How has MS not figured out yet that the reason their OS has always been plagued with security issues is because they keep opening up access to everything?
My understanding is that end users who have patched via Windows Update in June are already protected/mitigated from this. The current issue is with businesses running Active Directory and so that will be patched soon. Meanwhile, there are mitigation workarounds to address this for business IT admins. Please correct me if I am wrong about this.
Printer spool service? I have had that on "manual" for decades; I only turn it on when I actually need to print something, and I almost never do that. Which is maybe 3 times a year, if that, and I turn it right off after doing so. I knew there was a reason why I turn off the printer spool.
Another printer/spooler thing exploit? Wasn't that already a problem like 10 years ago (a quick search found me 2010-2012-2013 already...)? Edit: thx tsunami, completely forgot to do it when I installed my current PC from scratch.
I also have no use for printing services and have always disabled Printer Spool from way back as well as the other 2 printer services in Win10.
dragonlord:

My understanding is that end users who have patched via Windows Update in June are already protected/mitigated from this.
They aren't, because of a still ongoing Microsoft habit of adding authenticated users to domain services.
Astyanax:

https://cdn.discordapp.com/attachments/247515315825672203/861568210569658398/unknown.png It's disabled by default, unless you're sharing a wired printer amongst your local network. This exploit requires the installation of a compromised printer driver in the first place, it cannot be exploited simply by having client connections available. (or other trojan exploit) If your print domain is already infected, this exploit allows clients to be easily infected since the infected driver will be added to the print server store, clients could pull it down by clicking on or trying to print to it.
Thank you. I hate when a vulnerability is just blurted out without any background or explanation from the very basics. It should include the extent of the vulnerabilities including vectors along with solutions or workarounds.