Windows users, listen up. Late Tuesday, Microsoft released an emergency patch for a critical security bug dubbed “PrintNightmare.” Per Microsoft, attackers can take advantage of this vulnerability to install malicious code, view or change a person’s data, or even “create new accounts with full user rights” — so download the fix sooner, rather than later.
The PrintNightmare bug — tracked by Microsoft under the name CVE-2021-34527 — targets Window’s Print Spooler program that’s meant to communicate between a person’s device and their printer. Multiple security researchers have documented a loophole in this tech that would theoretically allow a bad actor to worm their way from the spooler system into a person’s Windows computer in order to give themselves admin or system-level rights to the device.
While the original proof-of-concept for this exploit was deleted, enterprising computer nerds forked multiple copies of the original code — meaning that it could easily fall into some bad actor’s hands. Soon after, Microsoft issued the emergency patch.
Microsoft’s release notes that “All versions of Windows are vulnerable,” but doesn’t have patches available for all Windows systems just yet. Windows 10 version 1607, Windows Server 2016, and Windows Server 2012 all still need patches, but Microsoft promised they would be released “soon.” Microsoft also pubbed a series of queries that security and IT teams using Microsoft 365 Defender can use to hunt down Spool vulnerabilities within their own networks.
If a patch isn’t available for your system yet, Microsoft also suggests just disabling your Print Spooler software entirely. Just note that this will keep you from being able to print remotely, according to the notice. If you want to keep printing locally, you’ll need to hook up your device directly to the printer in question.