PrintNightmare: this Windows flaw unveiled by mistake can cause serious problems

    A Windows security vulnerability was mistakenly exposed before Microsoft rolled out a fix. This breach called PrintNightmare affects the service of the OS that puts files on hold preparing to be sent to the printer.

    Source: Markus Spiske sur Pexels

    Source: Markus Spiske sur Pexels

    A small communication error can cause serious problems. A security breach of Windows, called PrintNightmare (printing nightmare in French), was discovered by researchers at Sangfor Technologies. Issue: Microsoft had yet to deploy a patch when cybersecurity experts released their studies proof-of-concept explaining how the breach could be exploited.

    A misunderstanding

    Sangfor researchers wanted to publicly expose several security flaws in Windows at the annual Black Hat conference scheduled for July in the United States. However, it seems that a misunderstanding prompted experts to reveal the problem earlier than expected. The latter apparently believed that Microsoft had already corrected the problem.

    They therefore hastened to delete their software test, but too late: it had already been found on GitHub.

    We deleted the POC of PrintNightmare. To mitigate this vulnerability, please update Windows to the latest version, or disable the Spooler service. For more RCE and LPE in Spooler, stay tuned and wait our Blackhat talk.

    — Zhiniang peng (@edwardzpeng) June 29, 2021

    PrintNightmare is a flaw 0-day housed in the Windows print spooler. This is the service that manages the system's print jobs: documents sent to the printer are queued there. By exploiting PrintNightmare, malicious hackers can execute code remotely and intervene directly at the system level. However, the dangerousness of the fault has not yet been officially assessed.

    “All versions of Windows” are affected

    After a few days, Microsoft began to communicate on this subject to warn users that the flaw was unfortunately well and truly exploited.

    Microsoft 365 Defender customers can also refer to the threat analytics report we published on this vulnerability. The report provides tech details, guidance for mitigating the impact of this threat, and advanced hunting queries, which are published here:

    — Microsoft Security Intelligence (@MsftSecIntel) July 2, 2021

    Microsoft says its teams are working on a fix and, in the meantime, is urging customers to turn off printing software or still turn off remote printing. In addition, the company explains that “the code that contains the vulnerability is found in all versions of Windows ».

    While the eyes of the Redmond firm are particularly focused on Windows 11, it remains to be hoped that Microsoft will finally find a way to more effectively secure the famous print spooler, which has already caused several breaches in the past.

    Windows 11 is available for testing for members of the Insider program. Here's how to download and install the new version of Windows ahead of time.
    Read more

    Source: PC – Frandroid by

    The article has been translated based on the content of PC – Frandroid by

    We stand by the rights of the original author of the post, no matter what. We always respect and prioritize the copyright of the content and always include the original link of the source article. If the author of the original article has any issue with it, just leave a report below, we’ll edit it or delete it. Whatever it takes. We will make it right as quickly as possible to protect the rights of the author.

    Thank you very much! Best regards!

    Recent Articles

    God of War Ascension: 3D model reveals very different Kratos

    Game news God of War Ascension: 3D model reveals very different...

    ‘Xiaomi 11T costs 499 euros, 11T Pro available from 649 euros'

    The Xiaomi 11T price has emerged from a well-known source. That device will be...

    Google Messages: Gmail's automatic reminders are coming to the app soon

    Google Messages is preparing to welcome a feature from Gmail. The “Nudges” or “Automatic reminders” in the language of Molière were launched...

    Xiaomi Smart Glasses: Concept glasses with MicroLED with support for navigation, calls and notifications |

    I think a large group of readers remember Google Glass very well. Glasses with "smart" functions were a kind of revolution that...

    Related Stories

    Leave a Reply

    Stay on top - Get the daily news in your inbox