Microsoft has warned Windows users of an unpatched critical bug that can let hackers install malicious programmes on their systems. The bug that has been found in the Windows Print Spooler service is being called ‘PrintNightmare’. The researchers have revealed that the bug ‘PrintNighmare can be exploited by hackers to gain control of a user’s system. Although Microsoft has not rated the vulnerability yet, admitted that the harmful bug is available in all versions of Windows.
“Microsoft is aware of and investigating a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation, and we will update the CVE as more information is available. A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” the company said in a statement.
As per Bleepingcomputer report, Microsoft took a few days to acknowledge the bug, but it is now warning customers that the bug is being exploited by hackers. The cybercriminals install malicious programmes, gain admin rights, change data and create new accounts using the admin rights.
Microsoft is currently working to fix the issue but until then the company has asked the users to use the Windows Print Spooler service. The Cybersecurity and infrastructure agency has encouraged administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object,” the agency said.