Microsoft is addressing a critical vulnerability in Windows 10 versions including the latest version. This will address a Windows 10 vulnerability called PrintNightmare. This bug also allows attackers to leverage the Windows print service to take control of the desktop and spread malware all around it.
The company has started rolling out-of-band Windows 10 updates to remedy a PrintNightmare glitch affecting the users. Proof of concept was accidentally revealed because researchers conflated the vulnerability with another issue. Later, they published the technical details of the vulnerability before it had been patched, leading servers hospitable to attacks. This encouraged cybersecurity agencies and server admins to disable the Windows print spooler service.
The cybersecurity agency said, “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object.”
The accidental disclosure prompted Microsoft to jump in quickly and release a patch and the vulnerability is now identified as CVE-2021-34527 and the issue can be solved now. The company has said that the security updates for all versions of Windows 10 will be released soon.
Microsoft said, “The security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as ‘PrintNightmare’, documented in CVE-2021-34527.”
Sharing some details on the vulnerability, the company has said that, after installing this patch, users who are not administrators can only install signed print drivers to print service. The installed root certificates trust the Root Certification Authorities signed drivers. The company recommends that you instantly install this update on all Windows supported clients and devices that include the currently hosting print server role. After all this is done, Microsoft says that you may also have to configure your device to achieve optimum results.