Microsoft Warns Users About Print Spooler Vulnerability That Is Being Exploited

Microsoft has put out a warning regarding a serious new vulnerability that allows a remote attacker to pwn your computer. Called ‘PrintNightmare,’ the security flaw exists within the Windows Print Spooler service, which helps handle printing jobs. And apparently accordingly to The Verge, it’s being actively exploited.

There are currently no patches that fix the PrintNightmare exploit. But Microsoft is working on a fix. Until then, there are a few mitigation options that Microsoft has suggested:

  • Users can disable the Print Spooler service to remove printing capability locally and remotely. That to me is the nuclear bomb to kill a fly approach to solve this problem.
  • Users can disable inbound remote printing through Group Policy. That would block inbound remote printing operations and should prevent remote attacks using the exploit. That’s a more nuanced approach.

Both of those would be useful to companies. But at least on first glance, home/SMB users may have to wait until patches come out. Seeing as this is being explored, it may not take long for patches to appear.

2 Responses to “Microsoft Warns Users About Print Spooler Vulnerability That Is Being Exploited”

  1. […] recall that I brought you the story of a serious bug in Windows called PrintNightmare which was being exploited. Microsoft has issued out-of-band patches for this bug. Sort of. Patches […]

  2. […] another vulnerability connected to its Windows Print Spooler service. This just after fixing “PrintNightmare“. Maybe. Either way, it’s not a good look for Microsoft. This one is listed as […]

Leave a Reply

%d bloggers like this: