Microsoft Issues Security Warning against PrintNightmare Vulnerability: Urges Immediate Update Installation

Windows users need to urgently install the latest update after several security researchers have found an unpatched critical flaw in Windows 10.

The critical flaw, dubbed PrintNightmare, came into light when security researchers at Cybersecurity Company – Sangfor, mistakenly published a Proof-of-Concept (POC) exploit and subsequently deleted it. However, not before it got posted online and reached the developer site – GitHub.

The researchers found a critical flaw in the Windows Print Spooler service, which allowed hackers to remotely execute code with system-level privileges and enabled multiple users to access a printer.

More about PrintNightmare Vulnerability

Microsoft warned that the hackers exploited the user vulnerability, which means they could install programs, view and delete data, and even create new user accounts with exclusive rights. It means that hackers get enough control over your system to cause severe damage, such as data or identity theft, data breach, and more.

Print Spooler runs by default in the Windows system, and as this vulnerability seems to be causing some serious issues, you may want to look out for solutions to get rid of it as soon as possible. Hence, Microsoft has released security patches for Windows Server 2012 R2, Windows Server 2019, Windows Server 2008, Windows 8.1, Windows RT 8.1, and several other supported versions of Windows 10.

Microsoft admits, “The code that contains the vulnerability is in all Windows versions.” Additionally, it recommends, “to secure your system; you must confirm that the following registry settings are set to 0 (zero) or are not defined:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint

NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)

NoWarningNoElevationOnUpdate = 0 (DWORD) or not defined (default setting)”

Moreover, Cybersecurity and Infrastructure Security Agency (CISA) recommends to the admins “disable the Windows Print spooler service in Domain Controllers and systems that do not print. Additionally, administrators should employ the following best practice from Microsoft’s how-to guides.”

Microsoft is also Patching Windows 7

Windows 10 is not the only version affected. Even Microsoft is patching Windows 7. Earlier Microsoft announced that it would no longer provide any support or issue any update for Windows 7. However, keeping the severity of PrintNightmare vulnerability into consideration, it has now released a security patch for its 12 years old OS.

How to Fix ‘PrintNightmare Vulnerability’?

The issue is quite severe though. But fortunately, you can install the latest security update released by Microsoft. The security update is cumulative, including the previous fixes for the earlier issues with the latest ones.

As mentioned above, the hackers that exploit the vulnerability could even install malicious programs to your system, view, and delete your system data. If you’re worried about your data, use powerful data recovery software, such as Stellar Data Recovery Professional. The software supports data recovery from Windows PCs, laptops, and storage drives, such as HDD, SSD, USB drives, SD cards, and more.

What Else?

In the year 2020, Microsoft had released security updates against a significant flaw in its OS, which enabled hackers to pose as genuine software companies. However, in 2021, thousands of Exchange users encountered several vulnerabilities, which led hackers to access servers for the popular email and calendar service.  And now, this PrintNightmare vulnerability is causing damage to Windows users.

Moreover, no security patch has been released yet for Microsoft’s latest Operating System (OS) – Windows 11, which is due soon. Windows 11 is currently available only for beta testers. It will be released after six years of the launch of Windows 10, which is being used in around 1.3bn devices globally.