Facepalm: Microsoft is again advising its customers to disable the Windows Print Spooler after a new vulnerability emerged that allowed hackers to execute malicious code on their devices. While a patch will be issued in time to fix the defect, the most effective solution on the table is to stop and completely disable the print spooler service.
This is the third printer vulnerability to appear in just five weeks. While a major flaw was first identified and corrected in June, a similar bug - renamed PrintNightmare - was later corrected (with varying degrees of success).
The emergence of this new vulnerability is disappointing news for Microsoft and its users. Microsoft warns online customers about the new Print Spooler vulnerability, saying: “When the Windows Print Spooler service incorrectly handles privileged file operations, there is a level of vulnerability. An attacker who successfully exploits this vulnerability could execute arbitrary code with privileged system, then the attacker can install applications, view, modify or delete data, or create new accounts with full rights. Create a user." p>
This is very important! If you enable the "Print Spooler" service (which is the default service), any remote authenticated user can run the code as a system on the domain controller. Stop and disable the service on any DC now! https://t.co/hl0NItsrBF pic.twitter.com/s4yE2VVl5I- Will Dormann (@wdormann) June 30, 2021
The main thing in securing your PC is to shutdown and disable the system if caching is running Run, print the entire service - Microsoft tells you how to do it online. While a patch for this vulnerability will be released in due course, no timeline is currently available. p>
Microsoft says spooling disables Windows printing or else you could be hacked