After security researchers found a serious vulnerability in the operating system, Microsoft is urging Windows users to install an update instantly.
PrintNightmare security flaw affects the Windows Print Spooler service. Researchers at Sangfor, a cybersecurity company by accident published a how-to guide for exploiting it.
The researchers came across vulnerabilities in Print Spooler, which allows multiple users to access a printer. They tweeted about it in late May. They unintentionally published a proof-of-concept online and later deleted it but not before it was published elsewhere online, including developer site GitHub.
Hackers that exploit the vulnerability as reported by Microsoft could install programs, view and delete data or even create new user accounts with full user rights. That gives hackers enough command and control of your PC to do some serious damage.
Windows 10 is not the only version affected, Windows 7 which Microsoft stopped supporting last year, is also vulnerable.
Microsoft issued a patch for its 12-year old operating system, underscoring the severity of the PrintNightmare flaw despite announcing that it would no longer issue updates for Windows 7. Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 will are “expected soon,” it said, according to BBC.
“We recommend that you install these updates immediately,” the company said.
The good news is that the current security update is cumulative, meaning it contains previous fixes for previous security issues too.
It’s the latest in a slew of security alerts from Microsoft in the past year and a half. The company has had its share of security issues, including in 2020 when the National Security Agency notified Microsoft of a major flaw in its Windows operating system that could allow hackers to pose as legitimate software companies. Hundreds of thousands of Exchange users were targeted this year after four vulnerabilities in its software let hackers access servers for the popular email and calendar service. Microsoft was also the target of a devastating SolarWinds breach.
A patch for Windows 11 was also released by Microsoft. Its newest operating system is currently available to beta testers and will be released soon. As reported by CCS Insight, Windows 11 comes six years after Microsoft last overhauled its operating system with Windows 10, a major update that’s now running on around 1.3 billion devices worldwide.