Print Nightmare Vulnerability

July 1, 2021

Featured

This is a developing story. Details are subject to change.

critical security vulnerability has been discovered affecting the Print Spooler service on all versions of Microsoft Windows. An attacker could easily exploit this vulnerability to gain control of entire domains and networks.

On June 29, 2021, researchers became aware of CVE-2021-1675, the official name of this vulnerability, which has been nicknamed “PrintNightmare”.

The vulnerability affects the Print Spooler service, which is used by all Windows PCs and servers for printing. The vulnerability is considered critical because the Print Spooler service is running on virtually all computers, and because it is easy to exploit.

PrintNightmare is also severe because it is a zero-day exploit. In many cases, security issues in software like Windows do not become public knowledge until the vendor (i.e. Microsoft) has released a patch to fix the bug. With a zero-day, the vulnerability becomes public knowledge and may be actively exploited before the vendor can release a patch.

One piece of good news: as with most Windows exploits, PrintNightmare cannot be exploited unless the attacker already has a foothold on the network. In other words, an outside attacker can’t exploit PrintNightmare at your office without first gaining inside access to the network. And as I’ve said many, many times, this usually happens when a user clicks the wrong thing or opens the wrong file.

Green Mountain IT Solutions is working to apply mitigations and work-arounds for all client networks. I expect Microsoft will release an emergency patch in the coming days to fix PrintNightmare. For now, stay vigilant, and be extra careful what you click.

Contact Us

Your local Vermont IT experts are just a phone call or email away.

Or send us a message using this form: