Recently Microsoft has notified Windows users about an unpatched crucial bug. According to the company, this bug can allow hackers to install malicious software in the systems of Windows users. Moreover, the bug has been detected in the Windows Print Spooler service known as PrintNightmare.
According to researchers, the hackers can exploit the bug called PrintNightmare and can get access to a user’s system. The company still has not assessed the vulnerability but accepted that the destructive bug is available in all the versions of Windows.
Microsoft stated in a statement,
“The company is aware of and examing a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an changing situation, and we are going to update the CVE as more information is available. A remote code execution vulnerability exists when the Windows Print Spooler service incorrectly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Furthermore, according to a report issued by Bleepingcomputer, the company took several days to recognize the bug. However, the company is now notifying the users that hackers are exploiting the bug called PrintNightmare. Moreover, cyber-criminals install malicious software, get admin rights, change data, and make new accounts utilizing the admin rights.
The company is reportedly working on finding the solution to fix the problem. However, until that time, Microsoft has requested the users to Windows Print Spooler service.
Apart from that, the Cybersecurity and infrastructure agency has urged administrators to disable the Windows Print spooler service in Domain Controllers as well as systems that do not print.
The agency stated,
“Thanks to the possibility for exposure, domain controllers and Active Directory admin systems require to have the Print spooler service disabled. The suggested way to do this is utilizing a Group Policy Object.”
For those of you who don’t know, the print spooler is software that is available in the Windows operating system. It stores print jobs in the memory of the computer before the printer eventually prints it.