In order to exploit this vulnerability, hackers would need to have access to a device on the network AND at least one user account. Every business should evaluate their exposure to this risk and act accordingly.
For our customers, we are following CISA guidelines which encourages administrators to “disable the Windows Print spooler service in Domain Controllers and systems that do not print.” In laymen’s terms, if there is a server that has the print service enabled and it’s not used, then we are turning it off!
In order to be absolutely sure that this vulnerability will not effect any Windows device, then all systems with the Print Spooler service would need to be disabled. This would mean that no Windows device could print until the service is restored. We’re evaluating this approach, however, we anticipate that Microsoft will move quickly to release a patch to resolve the vulnerability.