Skip to main content
  1. Home
  2. Computing
  3. News

Windows has a print vulnerability that hackers are actively using

By

Microsoft has updated its documentation around the “PrintNightmare” vulnerability that is impacting Windows PCs across the world. The company now says it is aware of the issue, which officially involves cases where the Windows Print Spooler service may perform privileged file operations and allow hackers into your device.

Though it’s not clear if all versions of Windows are impacted by this vulnerability, Microsoft says that the print spooler code that has the vulnerability is in all versions of Windows. The print spooler is what usually handles print jobs in Windows. Specifically, hackers can exploit that code to run arbitrary code with system privileges.

Recommended Videos

This can then be used to install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft’s documentation makes it clear that the vulnerability has also been actively exploited, which means it is out in the wild and in use by hackers.

Related

As a result, Microsoft is investigating if all versions of Windows are exploitable. If you’re worried, Microsoft urges uses who are concerned to stay tuned to a support page for updates. Microsoft also mentions that the vulnerability originated before this month’s June 2021 security update. It’s not clear if the update can patch this vulnerability, but it is still best to install the June 8 security updates just to be safe.

There are some workarounds for this matter, but most are up to system administrators to enable. The first workaround is to disable the print spooler service using Powershell. However, this might end up disabling the ability to print from a PC as well as through the network. A second temporary fix involves using Group Policy to disable remote printing, which will actually prevent the remote aspect of the vulnerability by preventing inbound remote printing operations. The U.S. Cybersecurity & Infrastructure Security Agency also recommends following these steps as well.

It’s not very uncommon for hackers to try and target printers and the printing service in Windows. Back in 2018, hackers were able to use old-school printers to invade home networks. PewDiePie supporters also hacked printers at the end of 2018 to send out messages of support for the YouTuber after a battle with another YouTube channel, T-Series.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Windows 11 is creating an ‘undeletable’ 8.63GB cache
The Surface Pro 11 on a white table in front of a window.

The recent Windows 11 24H2 update is reportedly flawed with a new issue where it creates 8.63GB of undeletable update cache. This cache is made during the update process and seems to remain on the system, despite attempts to remove it using traditional methods like Disk Cleanup, Storage Sense, or even manually deleting system folders like Windows.old​.

The issue appears to be linked to checkpoint updates, a new feature in Windows 11 designed to streamline and shrink update sizes by downloading smaller patches rather than full updates.

Read more
Passkeys in Windows 11 are about to get safer and easier to use
Customer using 1Password on their Windows laptop, sitting on a couch.

According to a new Developer Blog post, Microsoft is expanding its support for passkeys on Windows 11 soon, with plans to let you choose how your passkeys are saved and where they're stored. A new API will also allow third-party password managers like 1Password or Bitwarden to integrate more seamlessly into the Windows passkey experience.

With Windows Hello, users will be prompted to complete a one-time setup for each passkey-friendly website using their Microsoft account. Once that's done, you can log in across all your Windows 11 devices using whichever authentication method you prefer -- PIN, fingerprint, or facial recognition. All passkeys will be secured with end-to-end encryption and use your PC's TPM (Trusted Platform Module) to keep them protected.

Read more
Windows 11 can now use AI to respond to your text messages
The Phone Link app being used on a phone and laptop screen.

Microsoft has started rolling out a helpful Suggested Replies feature in the Phone Link app that gives users AI-powered text suggestions for quick replies to their messages, the software giant stated in a Support blog post.

The new feature uses Microsoft's Cloud AI models to create short replies to specific messages, resulting in faster response times. It is rolling out in Phone Link version 1.24082.137.0 for Windows 11 24H2 and 23H2. You don't need to be in the Windows Insider Program to try out the feature, but you won't see the Suggest Replies feature on all messages. You'll only see the suggestions when the Phone Link's AI can understand the message.

Read more