Microsoft plans to roll out an emergency patch to fix a critical flaw in its Windows Print Spooler service. The issue, dubbed PrintNightmare, was discovered after security researchers accidentally published proof-of-concept (PoC) exploit code. As a result, Microsoft issued security updates to fix the flaw, citing the possibility that an attacker could remotely execute code with machine-level privileges.
The Print Spooler service runs by default on Windows, so Microsoft has been forced to issue patches for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1, and a variety of supported versions of Windows 10. In an unusual move, Microsoft has even issued patches for Windows 7, which officially ended support last year. Microsoft has not yet released patches for Windows Server 2012, Windows Server 2016, or Windows 10 Version 1607. The latest Windows security updates will be released soon, Microsoft says.
Attackers can exploit PrintNightmare to execute code remotely, giving them the ability to install programs, modify data, or create new accounts with full admin capabilities. According to Microsoft, you should install these updates immediately. Updated security patches dated July 6, 2021 and thereafter will fix CVE-2021-1675 as well as an additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, described in CVE-2021-34527.