Microsoft has released an out-of-cycle security update to patch a serious vulnerability.
The security flaw, known as “PrintNightmare”, affects the Windows Print Spooler service. This vulnerability was first brought to notice via a Tweet in late May from researchers at cybersecurity company Sangfor who later inadvertently published a guide online explaining how to exploit the vulnerability.
Sangfor Security published the proof-of-concept by mistake and subsequently deleted it, but not before it had been published elsewhere online, including developer site GitHub.
The security flaw is viewed as being so serious that Microsoft has issued patches for Windows 7 and Windows 8.1 as well as for Windows 10, even though the earlier operating systems are no longer supported. Microsoft has warned that hackers could exploit the vulnerability to install programs (including malware), view and delete data, and even create new user accounts with full admin rights.
The patch is being delivered to Windows 10 systems via Windows Update as part of a cumulative update. Here is the list of updates (KB numbers) applicable to affected operating systems:
- Windows 10, version 21H1 (KB5004945)
- Windows 10, version 20H2 (KB5004945)
- Windows 10, version 2004 (KB5004945)
- Windows 10, version 1909 (KB5004946)
- Windows 10, version 1809 (KB5004947)
- Windows 10, version 1803 (KB5004949) *Not yet available
- Windows 10, version 1507 (KB5004950)
- Windows 8.1 and Windows and Windows Server 2012 (Monthly Rollup KB5004954 / Security only KB5004958)
- Windows 7 SP1 and Windows Server 2008 R2 SP1 (Monthly Rollup KB5004953 / Security only KB5004951)
Microsoft has advised users to install the update as soon as possible. If you are using third-party software or have settings in place to block or defer updates, you should remove any blocks and install this update immediately.
—
Thanks Jim,
Checked and done in update yesterday.
Much Obiged 🙂
You are most welcome Jonno.
Okay Jim. Now, what about those computers which are not connected to a printer, or have the print spooler disabled, do they also need to install this patch (or better safe for later), Mindblower!
Hey MB,
I don’t believe that just because a printer is not connected or the print spooler is disabled a user would be safe. The mechanism is still part of the system and open to exploitation.
I would definitely suggest installing this security update no matter what.
Just done an update but that fix wasn’t done. I’m on 21H1. I have to wait?
Hey Otto,
If you upgraded to 21H1 since the patch was released there’s every chance it was included in the 21H1 upgrade. If not, then check to see if the update patch is installed – go to Control Panel > Programs and features > View installed updates and search for KB5004945.