Emergency Windows patch issued by Microsoft to fix PrintNightmare bug that allows hackers to take over computers
An out-of-band emergency Windows patch has been issued by Microsoft to fix a critical security flaw. The bug enabled hackers to take control of a user’s personal computer remotely.
The bug known as PrintNightmare was revealed last week after security researchers accidentally published a proof-of-concept for the exploit. Now, the company has rolled out an emergency patch to fix this bug that it is listed as ‘critical’ on its website.
Microsoft is tracking the PrintNightmare bug as CVE-2021-1675 and CVE-2021-34527 and it has released a security update for all versions of its Windows operating system to patch this vulnerability on July 6. The list includes the Windows Server 2019, the Windows Server 2012 R2, the Windows Server 2008, Windows 8.1, Windows RT 8.1, and supported versions of Windows 10. In a rather surprising move, Microsoft has also issued a patch for Windows 7 that reached the end of support on January 14, 2020.
However, the company is yet to roll out the update for the Windows 10 version 1607, the Windows Server 2016, and the Windows Server 2012. “CVE updated to announce that Microsoft is releasing an update for several versions of Windows to address this vulnerability. Updates are not yet available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012. Security updates for these versions of Windows will be released soon,” Microsoft said.
As far as the PrintNightmare bug is concerned, Microsoft explains that a remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the company added.
Microsoft also said that all security updates released on and after July 6, 2021, contain protection against the PrintNightmare bug. The company is now advising users to update their PCs immediately.