Microsoft has released an out-of-cycle security update to patch a serious vulnerability.
The security flaw, known as “PrintNightmare”, affects the Windows Print Spooler service. The vulnerability first came to public attention in late May through a tweet from researchers at cybersecurity company Sangfor, who later inadvertently published a guide online explaining how to exploit it.
Sangfor Security published the proof-of-concept by mistake and subsequently deleted it, but not before it had been published elsewhere online, including developer site GitHub.
The security flaw is viewed as being so serious that Microsoft has issued patches for Windows 7 and Windows 8.1 as well as for Windows 10, even though the earlier operating systems are no longer supported. Microsoft has warned that hackers could exploit the vulnerability to install programs (including malware), view and delete data, and even create new user accounts with full admin rights.
The patch is being delivered to Windows 10 systems via Windows Update as part of a cumulative update. Here is the list of updates (KB numbers) applicable to affected operating systems:
- Windows 10, version 21H1 (KB5004945)
- Windows 10, version 20H2 (KB5004945)
- Windows 10, version 2004 (KB5004945)
- Windows 10, version 1909 (KB5004946)
- Windows 10, version 1809 (KB5004947)
- Windows 10, version 1803 (KB5004949) (not yet available)
- Windows 10, version 1507 (KB5004950)
- Windows 8.1 and Windows Server 2012 (Monthly Rollup KB5004954 / Security only KB5004958)
- Windows 7 SP1 and Windows Server 2008 R2 SP1 (Monthly Rollup KB5004953 / Security only KB5004951)
Microsoft has advised users to install the update as soon as possible. If you are using third-party software or have settings in place to block or defer updates, you should remove any blocks and install this update immediately.
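
To confirm that the update actually landed on a machine, the following PowerShell check compares the installed hotfixes against the KB list above and reports the state of the Print Spooler service. It is an added example, not a Microsoft script; the function names, the `-Release` parameter and the status labels are hypothetical, and only the KB numbers come from the list.

```powershell
# Added example: KB numbers are copied from the list above; all names are illustrative.
param([string]$Release)   # label as written in the list, e.g. '21H1', '1909', '8.1', '7 SP1'

$PatchMap = @{
    '21H1'  = @('KB5004945')
    '20H2'  = @('KB5004945')
    '2004'  = @('KB5004945')
    '1909'  = @('KB5004946')
    '1809'  = @('KB5004947')
    '1803'  = @('KB5004949')
    '1507'  = @('KB5004950')
    '8.1'   = @('KB5004954', 'KB5004958')   # also Windows Server 2012: Monthly Rollup / Security only
    '7 SP1' = @('KB5004953', 'KB5004951')   # also Windows Server 2008 R2 SP1
}

function Get-Windows10Release {
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    # DisplayVersion exists on 20H2 and later; older Windows 10 builds only carry ReleaseId.
    if ($cv.DisplayVersion) { return $cv.DisplayVersion }
    if ($cv.ReleaseId)      { return $cv.ReleaseId }
    if ($cv.CurrentBuild -eq '10240') { return '1507' }   # 1507 has neither value
    return ''   # Windows 7 / 8.1: pass -Release explicitly
}

function Test-PrintSpoolerPatch {
    param([string]$Release, [string[]]$InstalledKb)
    if (-not $PatchMap.ContainsKey($Release)) {
        return [pscustomobject]@{ Release = $Release; Expected = ''; Found = ''; Status = 'NotInList' }
    }
    $expected = $PatchMap[$Release]
    $found    = @($expected | Where-Object { $InstalledKb -contains $_ })
    $status   = if ($found.Count -gt 0) { 'Installed' } else { 'NotFound' }
    [pscustomobject]@{
        Release  = $Release
        Expected = $expected -join ' / '
        Found    = $found -join ', '
        Status   = $status
    }
}

if (-not $Release) { $Release = Get-Windows10Release }
$installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)
$result    = Test-PrintSpoolerPatch -Release $Release -InstalledKb $installed

# Report whether the affected service is present and running on this host.
$spooler      = Get-Service -Name Spooler -ErrorAction SilentlyContinue
$spoolerState = if ($spooler) { "$($spooler.Status)" } else { 'NotPresent' }
$result | Add-Member -NotePropertyName Spooler -NotePropertyValue $spoolerState -PassThru
```

A `NotFound` result is not proof that the machine is unpatched: Windows 10 updates are cumulative, so a later cumulative update replaces the KB listed here while still carrying the fix. Treat `NotFound` as a prompt to check the update history by hand.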