Microsoft Issues New Windows Patch For Rampant PrintNightmare Security Flaws, Update ASAP
Microsoft is pretty confident that it has finally addressed the dreaded PrintNightmare that has been keeping IT admins awake at night. Okay, maybe that is a slight exaggeration. However, the vulnerability within Microsoft's Windows Print Spooler service has definitely been a recurring headache, and is seemingly fixed (knock on wood).
The first warning of the PrintNightmare bug
came abut a month and a half ago. Microsoft explained that remote code execution could occur when the Windows Print Spooler service "improperly performs privileged file operations." If successfully exploited, an attacker could run malicious code on a system full privileges. Not good.
An emergency Windows 10 patch
issued later that same month ended up breaking some Zebra printers, which for those affected, was like hitting themselves over the head with a hammer to alleviate a migraine.
That was not the end of the printer woes, either. Another printer vulnerability reared its ugly head
in mid-July, and a short while later, a cybersecurity researchers demonstrated that the PrintNightmare bug was not a theoretical one, and showed how easy it was to leverage the exploit.
"Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior," Microsoft says.
Starting with these updates, by default, installing Point and Printer drivers will require administrative privileges. That means non-Admins will lose that ability, though users can make a registry tweak to get around the preventative measure. Microsoft cautions that IT departments should be "very careful" when going that route, because it "makes devices vulnerable" again.