[ad_1]
Microsoft has started deploying an emergency patch for the Windows operating system to correct a critical flaw in the Windows Print Spooler service.
The vulnerability, dubbed PrintNightmare, was exposed last week after security researchers mistakenly published proof of concept PoC code.
The researchers pointed to the exploitation of the proof of concept, due to a misunderstanding between the researchers and Microsoft, and the test code was quickly removed, but it became available within GitHub, according to the Arabic portal d ‘technical news.
Researchers planned to detail several of the service’s vulnerabilities at the annual Black Hat Security Conference later this month, and they believed Microsoft had fixed the vulnerability. And that’s after the company released fixes for a separate flaw in Windows Print Spooler.
Microsoft released out-of-band security updates to correct the flaw, found it critical because attackers could execute code remotely with system-wide privileges on affected devices, and had to release fixes for Windows Server 2019, R2 2012, 2008, Windows 8.1, and RT 8.1. And a variety of supported versions of Windows 10, since the Print Spooler service runs on Windows by default.
Microsoft has taken an unusual step by releasing patches for the Windows 7 operating system, which was officially discontinued last year, and has yet to release patches for its operating systems, and the software giant has also stated that security updates for these versions of Windows will be released. soon.
It took a few days for Microsoft to issue an alert about the security vulnerability that affects all supported versions of Windows. The PrintNightmare vulnerability allows attackers to use remote code execution.
Actors are likely to install software, modify data and create new accounts with full administrator rights.
[ad_2]
Source link
