More patchwork needed for Windows Print Spooler
Earlier this week, a flaw was discovered in the Microsoft Print Spooler service, leaving many users vulnerable to an attack.
Security researchers for Sangfor accidentally published a proof of concept (PoC), which has now been republished on GitHub, a website that caters to software developers.
The print spooler service is automatically enabled by default with all Windows installations. It is used to schedule your printing jobs, find your printers, load the relevant drivers, etc.
Microsoft says, this flaw would allow attackers to have admin privileges. They could:
- remotely execute code
- potentially install programs
- modify data
- create new accounts.
Currently, there is no patch to fix this issue. Microsoft recommends that admins “disable the Windows Print Spooler service in Domain Controllers ” or disable remote printing through Group Policy until they are able to find a solution.
If you think you or your business may be vulnerable, please contact us so we can help.
With this being a current Microsoft issue, we will update this as new information is presented.
Wednesday, July 7 Microsoft released a patch for Windows 10, Windows 8, Windows 7 and some server versions.
According to one user, this patch isn’t 100 percent effective. There is still room for potential exploitation.
In the meantime, users are strongly urged to update all software when they arise, as this will close any gaps to potential threats.