Connect with us

Hi, what are you looking for?

Tech & Science

Microsoft releases yet another security alert

The latest cybersecurity warning comes from Microsoft and it concerns users of Windows.

Microsoft's Toronto flagship store. Image by Raysonho (CC0 1.0)
Microsoft's Toronto flagship store. Image by Raysonho (CC0 1.0)

Microsoft has released a security alert notifying Windows users to immediately install an update after a serious vulnerability was found in its operating system. The security vulnerability is impacting the Windows Print Spooler service and researchers mistakenly posted a guide on how to exploit it online.

The risk stemming from this is where threat actors could exploit the vulnerability. This could have led to installing programs, viewing and deleting data or creating new user accounts with full user rights. Additionally, Microsoft has yet to release a patch for Windows 11.

The Microsoft warning comes in response to ‘PrintNightmare’, a critical zero day flaw in the Windows Print Spooler service which is actively being exploited by hackers to remotely execute code with system-level privileges (the ultimate goal for attacks).

“Microsoft has completed the investigation and has released security updates to address this vulnerability,” Microsoft said in a post on its website. The global giant adds, helpfully: “We recommend that you install these updates immediately.”

Looking at the issue for Digital Journal is Anurag Kahol, CTO and co-founder of Bitglass.

Kahol explains that: “This vulnerability notification comes after many recent Microsoft security incidents, including the Exchange server hack that impacted hundreds of thousands of users and the major flaw discovered in the Windows 10 operating system that allowed hackers to pose as software companies.”

With this specific case he says: “In this case, the vulnerability identified in the Print Spooler service can be easily exploited by hackers and used to obtain full control of users’ PCs, install programs, as well as view and delete data.”

He adds “This is a prime example of the repercussions that can occur when organizations use a single vendor for both their applications and security.”

To achieve this, Kahol adds: “Enterprises must abandon their single vendor security infrastructure in place of an integrated platform that can provide them with consistent, comprehensive security to protect their cloud and network resources.”

There is help at hand: “Fortunately, a secure access service edge (SASE) delivers end-to-end threat protection and replaces multiple, disjointed point products that must be installed and updated individually.”

This set-up should mean: “With a unified solution that can streamline security across the entire IT ecosystem, organizations can confidently face the evolving threat landscape.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

If the government doesn’t think differently about the delivery, it could leave the poorest children and families far behind.

Business

What is clear is how companies can increasingly "leverage the value of that advert across multiple different platforms, not just TV. 

Business

The moves, which Beijing said were to safeguard national security, swiftly followed Washington's own curbs to hobble China's ability to make advanced computer chips...

World

Donald Trump doubled down Sunday on hard-line campaign pledges to impose trade tariffs and carry out mass deportations.