Microsoft's Urgent Appeal: Update Your PC Now
Microsoft has issued an emergency Windows patch after a serious vulnerability was discovered in the operating system, multiple news outlets are reporting.
The flaw is known as PrintNightmare. The vulnerability was disclosed recently after security researchers accidentally published proof-of-concept (PoC) exploit code, according to The Verge.
And CNN noted it was researchers at the cybersecurity company Sangfor who accidentally published the how-to guide for exploiting it.
According to the news network, researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They posted a proof-of-concept online by mistake. It was subsequently deleted — but not before it was published elsewhere online, CNN noted.
The vulnerability allows hackers to use remote code execution, so bad actors could potentially install programs, create new accounts with full administration rights, and view and delete data, according to reports by The Verge and CNN.
"We recommend that you install these updates immediately," Microsoft said. "The security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as ‘PrintNightmare’, documented in CVE-2021-34527."
CNN noted that Windows 10 is not the only version affected. Windows 7, which Microsoft had ended support for last year, is also subject to the vulnerability.
Microsoft has issued an emergency Windows patch after a serious vulnerability was discovered in the operating system, multiple news outlets are reporting.
The flaw is known as PrintNightmare. The vulnerability was disclosed recently after security researchers accidentally published proof-of-concept (PoC) exploit code, according to The Verge.
And CNN noted it was researchers at the cybersecurity company Sangfor who accidentally published the how-to guide for exploiting it.
According to the news network, researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They posted a proof-of-concept online by mistake. It was subsequently deleted — but not before it was published elsewhere online, CNN noted.
The vulnerability allows hackers to use remote code execution, so bad actors could potentially install programs, create new accounts with full administration rights, and view and delete data, according to reports by The Verge and CNN.
"We recommend that you install these updates immediately," Microsoft said. "The security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as ‘PrintNightmare’, documented in CVE-2021-34527."
CNN noted that Windows 10 is not the only version affected. Windows 7, which Microsoft had ended support for last year, is also subject to the vulnerability.
.jpeg)
Comments
Post a Comment