Microsoft has issued an emergency Windows update to patch the PrintNightmare vulnerability, which allows hackers to take over PCs through the Print Spooler system. This update covers a wide range of Windows operating systems, including Windows 7, which exited Microsoft’s security update cycle late last year.
Update, 7/7/21 4:31 pm Eastern: It turns out that this patch is somewhat useless. As reported by Bleeping Computer, hackers can easily gain SYSTEM privileges on older machines by leveraging PrintNightmare’s local privilege exploit component. On newer machines, hackers simply need to enable the Point and Print Restrictions policy to bypass Microsoft’s patch, which is a small hurdle for someone who really wants to gain control of a PC or network.
For the time being, the only way to defend yourself from PrintNightmare is to disable the Windows Print Spooler—Microsoft’s Security Response Center has a step-by-step guide on this subject. We will continue to report on the PrintNightmare exploit as new information comes to light.
PrintNightmare, also known as CVE-2021-34527, was discovered by researchers at the Chinese tech company Sangfor. These researchers published a proof of concept on PrintNightmare because they mistook it for a similar, previously patched vulnerability. This proof of concept provided the blueprint for hackers to exploit PrintNightmare, and according to Microsoft, several systems were compromised by the bug.
A few days after Sangfor published its proof of concept, Microsoft classified PrintNightmare as a critical vulnerability. The exploit, if utilized, gives hackers full control over a system, and it affects all versions of Windows.
Clearly, PrintNightmare presents a serious threat to individuals, businesses, and organizations with large networks, such as libraries. That’s probably the reason why Microsoft is pushing an emergency update for nearly all versions of Windows released since 2008. The patch list includes Windows 10, Windows 8.1, Windows RT 8.1, Windows 7, and several versions of Windows Server, including the 2019, 2012 R2, and 2008 releases. Updates for Windows Server 2012 and 2016 are coming soon, along with an update for Windows 10 version 1607.
Microsoft recommends that Windows users install this update immediately. You can manually update Windows through the Windows Update page in your Settings.