'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
This vulnerability allows bad actors to exploit for remote code execution (RCE) and it has been dubbed "Printer disaster". According to the CERT Coordination Center, the problem is that the Windows Print Spooler does not restrict access to the RpcAddPrinterDriverEx() function. As a result, a remote attacker can take advantage of it to execute arbitrary code remotely under system privileges.
The RpcAddPrinterDriverEx() function is commonly used to install printer drivers remotely. With unrestricted access, an attacker could point to a driver on a remote server, causing the victim machine to execute arbitrary code with system privileges.
Microsoft says it is investigating the vulnerability. The software giant proposes two temporary solutions for IT administrators of organizations and businesses.
The first solution is to disable the Windows Print Spooler service but this will cause printing to be disabled both locally and remotely. The second solution is to disable remote printing via Group Policy. This will limit remote printing, but local printing will still work fine.
Microsoft says the vulnerability appears on all versions of Windows. However, it is not clear whether an attacker can exploit it on all versions of Windows.
You should read it
- Hundreds of HP printer models contain vulnerabilities that allow remote code execution attacks
- Detect a rare vulnerability that causes problems with the printer on Windows 10
- Detecting an 8-year-old security flaw, affecting 150 HP printer models
- If you hack HP's printer, you will receive $ 10,000
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- GitLab patches critical vulnerability that allows hackers to take control of accounts
- Detects a vulnerability that threatens all Windows computers shipped from 2012 up to now
- Steps to fix PrintNightmare vulnerability on Windows 10
- The NSA issued an urgent warning about a critical vulnerability appearing in Windows servers
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterprises
- How to add a printer on Windows 11
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
Maybe you are interested
How to get and provide remote support using the Quick Assist app in Windows 11
4 Security Steps to Follow When Using Remote Access Applications
How to Use Chrome Remote Desktop to Control Your PC from Anywhere
How to turn your iPhone into a wireless mouse with Remote Mouse
Microsoft sparks outrage by renaming Remote Desktop app on some platforms
How to remotely lock iPhone and iPad when the device is lost or stolen