Microsoft has released a security alert urging Windows users to immediately install an update after a serious vulnerability was found in its operating system. The vulnerability affects the Windows Print Spooler service, and researchers mistakenly posted a guide online on how to exploit it.
The risk is that threat actors could exploit the vulnerability to install programs, view and delete data, or create new user accounts with full user rights. Additionally, Microsoft has yet to release a patch for Windows 11.
The Microsoft warning comes in response to ‘PrintNightmare’, a critical zero-day flaw in the Windows Print Spooler service that is actively being exploited by hackers to remotely execute code with system-level privileges (the ultimate goal of such attacks).
“Microsoft has completed the investigation and has released security updates to address this vulnerability,” Microsoft said in a post on its website. The global giant adds, helpfully: “We recommend that you install these updates immediately.”
Looking at the issue for Digital Journal is Anurag Kahol, CTO and co-founder of Bitglass.
Kahol explains that: “This vulnerability notification comes after many recent Microsoft security incidents, including the Exchange server hack that impacted hundreds of thousands of users and the major flaw discovered in the Windows 10 operating system that allowed hackers to pose as software companies.”
On this specific case, he says: “In this case, the vulnerability identified in the Print Spooler service can be easily exploited by hackers and used to obtain full control of users’ PCs, install programs, as well as view and delete data.”
He adds: “This is a prime example of the repercussions that can occur when organizations use a single vendor for both their applications and security.”
To address this, Kahol adds: “Enterprises must abandon their single vendor security infrastructure in place of an integrated platform that can provide them with consistent, comprehensive security to protect their cloud and network resources.”
There is help at hand: “Fortunately, a secure access service edge (SASE) delivers end-to-end threat protection and replaces multiple, disjointed point products that must be installed and updated individually.”
This set-up should mean: “With a unified solution that can streamline security across the entire IT ecosystem, organizations can confidently face the evolving threat landscape.”