Hackers hacking into users’ personal data with the help of malicious bugs are nothing new. We often hear of hackers gaining access to a user’s personal information in this way. Microsoft recently warned users about a similar bug. The company has warned Windows users of an unpatched critical bug that would allow hackers to gain access to all personal information by installing malicious programs on users’ systems. The bug found in the Windows Print Spooler service is called ‘PrintNightmare’.
For those who don’t know, Print Spooler is software that is available on all Windows operating systems. The printer stores the print job in the computer’s memory before it is finally printed. According to researchers, hackers can use this ‘PrintNightmare’ bug to gain complete control over the user’s system. Although Microsoft has not yet properly evaluated this vulnerability, it acknowledges that the malicious bug is available in all versions of Windows.
The company said in a statement, “Microsoft is aware and investigating a remote code execution vulnerability that has affected Windows Print Spooler, and has assigned CVE-2021-34527 for this error.” The CVE will be updated later for more information. When the Windows Print Spooler service improperly performs privileged file operations, the existence of a remote code execution vulnerability can be noticed. A hacker can use this error to arbitrarily run an arbitrary code to gain control over the entire system. And the hacker then easily acquires the admin rights and installs the program; Data view, change or delete; Or be able to create a new account. ”
Microsoft is currently working hard to resolve this issue, but has previously asked users to be cautious. The Cyber Security and Infrastructure Agency has instructed administrators to disable the Windows Print Spooler service on domain controllers and unprinted systems. Domain controllers and Active Directory admin systems need to have print spooler service-disabled due to the possibility of exposure, the agency said; And the suggested way to do this is to use the Group Policy Object.