Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system. Microsoft has urged Windows users to install an update immediately after security researchers discovered a serious flaw in the operating system.
PrintNightmare is a security flaw that affects Windows Print Spooler. Sangfor, a cybersecurity company, accidentally published a guide on how to exploit it.
In May, the researchers posted a tweet claiming that they found flaws in Print Spooler. This allows multiple users to access a printer. The researchers published a proof of concept online in error and then deleted it. However, it was still available online on other sites, such as GitHub.
Microsoft warned hackers could exploit the vulnerability to install programs, view or delete data, and even create new accounts with full rights. Hackers can take complete control of your computer and do serious damage.
Windows 10 isn’t the only affected version — Windows 7 which Microsoft discontinued support for last year is also vulnerable.
Microsoft released a patch for Windows 7’s 12-year-old operating system, despite announcing it would not be issuing updates. This demonstrates the seriousness of the PrintNightmare flaw. It stated that updates for Windows Server 2016, Windows 10 version 1607 and Windows Server 2012 would be “expectedly soon”.
Also Read: Wells Fargo closes all personal credit lines, causing outrage
The company stated that they recommend you immediately install the updates.
The good news is that the security update at present is cumulative. This means it includes previous fixes for security issues.
This is the latest security alert from Microsoft over the past year. There have been safety concerns at the company, including 2020 when Microsoft was alerted by the National Security Agency to a critical flaw in Windows that could allow hackers to pose as legitimate software businesses. This year, hackers gained access to Exchange servers via four flaws in the software. SolarWinds also targeted Microsoft.