UPDATED 11:25 EDT / JULY 07 2021

SECURITY

Microsoft issues urgent warning over newly discovered Windows security flaw

Microsoft Corp. has issued an urgent advisory notice recommending that Windows users immediately install an update to fix a serious vulnerability.

The flaw, known as PrintNightmare, affects the Windows Print Spooler service. Attackers who can remotely execute code through it can gain system-level privileges, including the ability to install software, modify or delete data and create administrative accounts that effectively give them full control of the computer or even a domain controller.

The vulnerability was revealed last week after researchers at security firm Sangfor Technologies Inc. accidentally published proof-of-concept code that showed how to exploit the flaw. Sangfor later deleted the instructions, but copies had already been posted elsewhere.

The vulnerability affects multiple versions of Windows, including Windows 10, Windows 7, Windows 8.1, Windows Server 2012 and Windows Server 2016. Microsoft recommends that the patch be installed immediately using the Windows Update service and that businesses disable the Print Spooler service until the fix can be applied to every PC on their networks.

The company also took the unusual step of posting a patch for PCs running Windows 7, despite the fact that support for that 12-year-old OS ended 18 months ago. Microsoft says there are more than 1.3 billion devices currently running Windows 10.

The Sangfor team may have wrongly thought its proof-of-concept related to a Windows Print Spooler service vulnerability that had already been patched, but other researchers tested it and found that it still worked, according to IT News. The code was posted to GitHub, a popular site with software developers, and quickly spread through social media.

The Print Spooler service, which was added to Windows in the mid-1990s, organizes print jobs on a user’s computer. It has been the source of numerous security woes, the most famous of which was the Stuxnet worm, which destroyed Iranian nuclear enrichment centrifuges and affected more than 45,000 networks around the world in 2010.

Windows has also been the target of several recent vulnerability reports, including a flaw in Windows Server revealed last fall that could allow attackers to gain domain administrative privileges and a bug in the way Windows handles encryption certificates that was revealed by the U.S. National Security Agency 18 months ago.

Photo: Microsoft Sweden on Flickr
