Microsoft warns about new vulnerability "PrintNightmare"

Published by

teaser

In the Windows print queue (from Windows 7 on) is a vulnrebility to be found, Microsoft alerts users about the CVE-2021-34527 vulnerability called "PrintNightmare". it enables attackers to execute code on their machine remotely. This vulnerability can lead to a problem.



The vulnerability has been there for some years, but nothing was known until this week, when a Research Group released a kit on Github on how to exploit the weakness, assuming that it had been addressed earlier in June when Microsoft corrected another Windows Spool issue. The researchers believed that it was PrintNightmare, and because they thought it had been addressed before, they showed how to use it, but it turns out that it wasn't corrected and that millions of machines have now been exposed to severe safety problems.

Solving it

Since the vulnerability is present in multiple versions of Windows and has not yet been patched, Microsoft made certain recommendations to users to restrict access to the spooler service:

  • If you don't have a printer:¬†Disable the "Print queue" service.
  • If you have a printer:¬†Go to "Edit Group Policies", select "Computer Configuration", select "Administrative Templates", select "Printers", and disable the option "Allow the print job manager to accept client connections"

Share this content
Twitter Facebook Reddit WhatsApp Email Print