Microsoft warns about new vulnerability "PrintNightmare"

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Jul 5, 2021.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    45,569
    Likes Received:
    12,648
    GPU:
    AMD | NVIDIA
    insp1re2600 likes this.
  2. Webhiker

    Webhiker Master Guru

    Messages:
    744
    Likes Received:
    258
    GPU:
    ASUS RTX TUF 3080
    Assumption is the mother of all f-ups. Proven again and again. When will people learn.
     
  3. van_dammesque

    van_dammesque Member

    Messages:
    43
    Likes Received:
    18
    GPU:
    Zotac 3070
    I am on Win 10, I only have "Allow Print Spooler to accept client connections" so have disabled that instead.
     
  4. Mineria

    Mineria Ancient Guru

    Messages:
    5,527
    Likes Received:
    690
    GPU:
    Asus RTX 3080 Ti
    You can disable publishing it as well
     

  5. Astyanax

    Astyanax Ancient Guru

    Messages:
    14,995
    Likes Received:
    6,146
    GPU:
    GTX 1080ti
    [​IMG]

    its disabled by default, unless you're sharing a wired printer amongst your local network.

    This exploit requires the installation of a compromised printer driver in the first place, it cannot be exploited simply by having client connections available. (or other trojan exploit)

    If your print domain is already infected, this exploit allows clients to be easily infected since the infected driver will be added to the print server store, clients could pull it down by clicking on or trying to print to it.
     
    Last edited: Jul 5, 2021
    ImmortalicBrad likes this.
  6. asturur

    asturur Maha Guru

    Messages:
    1,306
    Likes Received:
    481
    GPU:
    Geforce Gtx 1080TI
    I think is more MS that should be speedier in fixin or disabling the policy with an update if they know the research came from an external lab
     
  7. David Lake

    David Lake Master Guru

    Messages:
    756
    Likes Received:
    44
    GPU:
    Titan V watercooled
    Its "Print Spooler" on 7.
     
  8. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    7,165
    Likes Received:
    3,623
    GPU:
    HIS R9 290
    How has MS not figured out yet that the reason their OS has always been plagued with security issues is because they keep opening up access to everything?
     
  9. dragonlord

    dragonlord Master Guru

    Messages:
    211
    Likes Received:
    71
    GPU:
    Nvidia Beta Tester
    My understanding is that end users who have patched via WIndows Update in June are already protected/mitigated from this. The current issue is with businesses running Active Directory and so that will be patched soon. Meanwhile, there are mitigation workarounds to address this for business IT admins.

    Please correct me if I am wrong about this.
     
  10. tsunami231

    tsunami231 Ancient Guru

    Messages:
    13,385
    Likes Received:
    1,310
    GPU:
    EVGA 1070Ti Black
    printer spool service? i have had that "manual" for decades i only turn it on when I actual need to print something, and I almost never do that. which manybe 3 times year? if that and i turn right off after doing so. I knew there was reason why I turn off printer spool
     

  11. kakiharaFRS

    kakiharaFRS Master Guru

    Messages:
    952
    Likes Received:
    358
    GPU:
    KFA2 RTX 3090
    another printer/spooler thing exploit wasn't that already a problem like 10 years ago (quick search found me 2010-2012-2013 already...)
    edit: thx tsunami completely forgot to do it when I installed my current pc from scratch
     
  12. Reddoguk

    Reddoguk Ancient Guru

    Messages:
    2,483
    Likes Received:
    465
    GPU:
    RTX3090 GB GamingOC
    I also have no use for printing services and have always disabled Printer Spool from way back as well as the other 2 printer services in Win10.
     
  13. Astyanax

    Astyanax Ancient Guru

    Messages:
    14,995
    Likes Received:
    6,146
    GPU:
    GTX 1080ti
    they aren't, because of a still ongoing microsoft habbit of adding authenticated users to domain services.
     
  14. warezme

    warezme Master Guru

    Messages:
    235
    Likes Received:
    34
    GPU:
    Evga 970GTX Classified
    Thank you. I hate when a vulnerability is just blurted out without any background or explanation from the very basic. It should include the extent of the vulnerabilities including vectors along with solutions or work arounds.
     

Share This Page