[ad_1]
Facial palm: Microsoft is once again advising customers to turn off the Windows print spooler after a new vulnerability emerged that allows hackers to run malicious code on machines. Although a patch to correct the flaw will be released in due course, the most effective workaround currently on the table is to stop and completely disable the print spooler service.
This is the third print spooler vulnerability to emerge in just five weeks. While a critical flaw was initially identified and patched in June, a similar flaw – dubbed Print Nightmare – appeared shortly after and was subsequently fixed (with mixed success).
The emergence of this new vulnerability is frustrating news for Microsoft and its users.
Microsoft has alerted customers to the new online print spooler vulnerability, writing: “An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.” An attacker who successfully exploited this vulnerability could execute arbitrary code with SYSTEM privileges. An attacker could then install programs; view, modify or delete data; or create new accounts with full user rights. “
Its very important!
If the “Print Spooler” service is enabled (which is the default), any authenticated remote user can run code as SYSTEM on the domain controller.
Stop and disable the service on any DC now! https://t.co/hl0NItsrBF pic.twitter.com/s4yE2VVl5I
– Will Dormann (@wdormann) June 30, 2021
The main thing in terms of your computer’s security is to stop and completely disable the print spooler service, if it is running – Microsoft explains how you can do this online. Although a patch for this vulnerability is being released in due course, no timeline is currently available.
[ad_2]
Source link