- Posted by Makayla Shaffer
- On August 30, 2021
- 0 Comments
- cybersecurity, PrintNightmare
Microsoft recently identified a vulnerability with their Print Spooler system named nicknamed ‘PrintNightmare”. The Print Spooler is the program built into Microsoft Window to manage your print jobs on a computer or a server. Print Spooler manages, in the background, your print jobs, lines them up, schedules them to be printed and receives files to be printed.
The PrintNightmare vulnerability has the potential to allow hackers to remotely access computers and servers and create their own account within, giving them full user access to not only the computer, but the network it is attached to as well. These vulnerabilities are identified as: CVE-2021-1675 and CVE-2021-34527 (PrintNightmare). With a security patch in June, CVE-2021-1675 was amended, but PrintNightmare was not. This vulnerability is especially dangerous as the Print Spooler is turned on by default in all Microsoft Windows systems. TrendMicro has also released some added protection of its own. This includes Rules and other forms of security that can help to detect if there was a breach to their system.
While Microsoft is working on a patch for this hole, there are some precautions they have suggested to protect your information. One precaution would be to turn the Print Spooler off on any device that is not required to print. Another choice would be disabling the ability of remote printing from an outside source. Instructions on how to accomplish these tasks can be found here on Microsoft’s website.
Microsoft also provides customers with different Technical Security Notifications to be updated on current security patches and vulnerabilities. They have Security Update Email Alerts that are sent out monthly and will provide links to new security updates as well as updates that have been re-released. Microsoft also has Security Advisory Alerts which allows Microsoft to pass on security information to you about issues that are not classified as vulnerabilities and do not require a big fuss, but should still be looked into.
Another security suggestion, from TechHQ, is Endpoint Security. Some software and appliances recommended by Susquehanna Computer Innovations include, Cisco firewalls, TrendMicro firewalls and antivirus, email security from Barracuda and any other tools provided or created by Microsoft themselves. SCI is able to help install any of the mentioned endpoint security software and we are only a phone call away.
Image Credit: Techtwiddle