Yesterday a critical vulnerability with Windows operating systems was revealed. The exploit, called PrintNightmare, takes advantage of a weakness with the Windows Print Spooler service.
In order to exploit this vulnerability, hackers would need to have access to a device on the network AND at least one user account. Every business should evaluate their exposure to this risk and act accordingly.
For our customers, we are following CISA guidelines which encourages administrators to “disable the Windows Print spooler service in Domain Controllers and systems that do not print.” In laymen’s terms, if there is a server that has the print service enabled and it’s not used, then we are turning it off!
In order to be absolutely sure that this vulnerability will not effect any Windows device, then all systems with the Print Spooler service would need to be disabled. This would mean that no Windows device could print until the service is restored. We’re evaluating this approach, however, we anticipate that Microsoft will move quickly to release a patch to resolve the vulnerability.
Be sure to follow us on Facebook or Twitter for more updates as we learn more about future patches or updates from Microsoft or CISA.