Microsoft has issued a warning to Windows users about an unsecured serious problem that can allow hackers to install harmful programs on their PCs if they do not maintain their operating system. The ‘PrintNightmare’ issue, which has been discovered in the Windows Print Spooler service, is named after the person who discovered it.
According to the researchers, the flaw dubbed “PrintNighmare” may be exploited by hackers to take control of a user’s computer system. Even though Microsoft has not yet assigned a vulnerability rating to the flaw, the company has acknowledged that the dangerous issue is present in all versions of Windows.
“Microsoft is aware of and is actively researching a remote code execution vulnerability that affects the Windows Print Spooler. This vulnerability has been issued the CVE-2021-34527 identifier. Because this is a rapidly developing issue, we will update the CVE when new information becomes available.
When the Windows Print Spooler service incorrectly conducts privileged file operations, a remote code execution vulnerability exists that may be exploited. An attacker who successfully exploited this vulnerability may execute arbitrary code with SYSTEM rights on the victim’s computer. An attacker may then use this information to install applications, read, edit, or remove data, or establish new accounts with full user rights,” the firm stated in a press release.
According to the Bleepingcomputer article, Microsoft delayed a few days to recognize the problem, but it is now notifying consumers that the weakness is being used by hackers to steal their personal information and financial information. The hackers use the admin rights to install malicious programs, obtain administrative access, alter data, and establish new accounts on the victim’s computer.
Microsoft is presently trying to resolve the issue, but in the meanwhile, the firm is advising customers to utilize the Windows Print Spooler service to print documents. It has been recommended by the Cybersecurity and Infrastructure Agency that administrators turn down the Windows Print spooler service on Domain Controllers and computers that do not generate printouts.
“Due to the risk of exposure, the Print spooler service on domain controllers and Active Directory administration systems must be deactivated. This is best accomplished by utilizing a Group Policy Object, according to the agency.
The print spooler, for those who are unfamiliar with the term, is software that is included with the Windows operating system. It temporarily saves print jobs in the computer’s memory until the printer is ready to print them.