PCWorld (USA)

The Printnight­mare exploit is so scary, even Windows 7 got an emergency fix (but it’s imperfect)

Download it right now.

- BY BRAD CHACOS

Microsoft typically releases updates for Windows as part of its monthly “Patch Tuesday” blitz, but the company recently took the unusual step of releasing an emergency out-of-band security update to fix the critical “Printnight­mare” vulnerabil­ity published (and deleted [ go. pcworld.com/pbdl]) by researcher­s—even for Windows 7. Bottom line? Update your Windows PC pronto…but the patch may not fix all PCS if your system is connected to a local network.

Printnight­mare attacks the Windows Print Spooler service, which runs by default. “A remote code execution vulnerabil­ity exists

when the Windows Print Spooler service improperly performs privileged file operations,” Microsoft’s executive summary ( go.pcworld.com/mxsm) states. “An attacker who successful­ly exploited this vulnerabil­ity could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

In other words, Printnight­mare lets attackers into your system over the internet, and then they essentiall­y have free rein over your computer. “All supported editions of Windows are affected,” Microsoft warns.

Microsoft initially released emergency security patches for most versions of Windows 10, Windows 8.1, Windows RT 8.1, and various Windows Server installati­ons. In its advisory, Microsoft also suggests making specific changes to registry and Group Policy settings if necessary. Driving home how severe this vulnerabil­ity is, the company even released a Printnight­mare security fix for Windows 7, an operating system that was forced into retirement last year ( go.pcworld.com/fret).

The company lists these patches as a temporary fix, and security researcher Matthew Hickey ( go.pcworld.com/mhik) says that the patch only nullifies the danger of remote execution. That means that if an attacker manages to physically obtain your PC, they could still leverage Printnight­mare to take control of it. (Update: After the patch was released, security researcher­s discovered that fully patched systems could still be attacked remotely if your administra­tor enables certain settings to permit a network printer feature called Point and Print, Ars Technica reports [ go.pcworld.com/atrp].) But for the vast majority of people who are simply using personal computers in their home, shutting down the ability for this vulnerabil­ity to work over the internet should effectivel­y render it obsolete.

So get to downloadin­g, folks. Checking Windows Update on my PC showed the Printnight­mare patch (KB5004945 [ go. pcworld.com/kb50] for my version of Windows 10) already available. While you’re being safety-minded, make sure to install an antivirus program ( go.pcworld.com/inav) and perform the five easy tasks that supercharg­e your security ( go.pcworld.com/5tsk) if you haven’t done so already.

 ??  ??
 ??  ??

Newspapers in English

Newspapers from United States