Microsoft issues emergency Windows patches for PrintNightmare flaw

Bad actors can exploit the flaw to remotely run code on victims' computers.

Sponsored Links

Low angle view from below of businessman man hacker identity theft thief working overtime looking on laptop computer in office space evening late night midnight alone solitude secret eyes staring glaring looking like ghost ghost like alien like sinister scary spooky security breach protocol intelligence agency government foreign steal anonymous chat bot unknown cyber warfare spam attack computer virus bug malware trojan horse power outage
Shannon Fagan via Getty Images

Microsoft has released an emergency patch to address a critical flaw in the Windows Print Spooler service that bad actors are actively exploiting, as noticed by The Verge. A few days ago, the tech giant has published a security advisory to notify users about the flaw called PrintNightmare, though it didn't name the bad actors currently using it to infiltrate victims' computers. 

Attackers taking advantage of the vulnerability can remotely run code with system-level privileges, giving them the ability to install programs in the victims' computers, delete or change data and create new accounts with full user rights. The vulnerability impacts all versions of Windows, and the company advised users to disable Print Spooler to deactivate local and remote printing to prevent hackers from getting in. They can also disable just the inbound remote printing capability through Group Policy. 

Now, after investigating the vulnerability, Microsoft has issued patches for several versions of the Windows Server, Windows 10, Windows 8 and even Windows 7 — security updates for this OS ended in January 2020 — platforms. The vulnerability has been classified as "Critical," which means its "exploitation could allow code execution without user interaction." Microsoft is asking users to install the updates immediately or to take steps towards protecting their systems if they can't. 

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget