Microsoft has started rolling out an emergency patch for the Windows operating system to address a critical defect in the Windows Print Spooler service.
The vulnerability, dubbed Print Nightmare, was revealed last week after security researchers mistakenly published proof-of-concept PoC code.
“Error or misunderstanding”
The Sangfor researchers published a proof-of-concept exploit due to an error or a misunderstanding between the researchers and Microsoft. The test code was quickly deleted, but it is now on Git Hub.
Sangfor researchers were planning to detail several security vulnerabilities in the Windows Print Spooler service at the annual Black Hat security conference later this month.
Microsoft appears to have patched the problem, according to the researchers. That comes after Microsoft released patches for a separate Windows Print Spooler issue.
Microsoft released out-of-band security updates to address the flaw. It was rated as critical as attackers can execute remote code with system-wide privileges across affected devices.
Microsoft had to release patches for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1 and various supported versions of Windows 10. Given that the Print Spooler service runs by default across Windows.
Microsoft patches the Print Nightmare vulnerability
Microsoft took the unusual step of releasing patches for the Windows 7 operating system, which was officially discontinued last year.
Microsoft has not yet released Windows Server 2012, Windows Server 2016, and Windows 10 version 1607.
The software giant also said that security updates for these versions of Windows would be released soon.
It took Microsoft a few days to alert the security flaw that affects all supported versions of Windows.
Print Nightmare vulnerability allows attackers to use remote code execution. They will likely install software, modify data, and create new accounts with full administrator rights.
The company made it clear that it recommends installing these updates immediately. Security updates released on and after 6 July 2021 contain protections against CVE-2021-1675, and an additional remote code execution exploit in the Windows Print Spooler service known as Print Nightmare is documented in the CVE.