Users must update PCs ‘as soon as possible’ as Windows left vulnerable to massive flaw, Microsoft says
The ‘PrintNightmare’ flaw affects all versions of Windows including 10, 8.1, and 7
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Microsoft has announced an emergency update to Windows 10 in order to patch a serious vulnerability in the operating system.
The PrintNightmare flaw, also identified as CVE-2021-34527, affects all versions of Windows, and targets Windows Print Spooler service, a process that manages access to printers from multiple users. It was revealed after researchers at cybersecurity firm Sangfor accidentally published guidance for exploiting the flaw.
The researchers had tweeted in May that they had found the vulnerability, but accidentally made the proof-of-concept available online. Although they quickly deleted it, it was shared elsewhere including on Microsoft-owned GitHub.
Hackers could use the loophole to install programs, view and delete data, and create new user accounts with administrator access. Microsoft has had to issue patches for Windows Server, Windows 10, Windows 8.1, and even Windows 7.
“We recommend you update your devices as soon as possible. The update is available on all release channels including Windows Update, Microsoft Update Catalog and Windows Server Update Services (WSUS)”, Microsoft wrote in a post about the issue.
Microsoft has not yet introduced a patch for Windows 11, although preview builds are currently available for the company’s upcoming operating system. The company says the new OS will be more secure than Windows 11, but many could have to buy entirely new systems to run it.
This is the latest in a series of security concerns for Windows this year. In March, Microsoft said that it had found major vulnerabilities in its Exchange Server tools, which is used to run email and calendars for many large companies.
Less than two weeks later a problem with the Adobe Type Manager Library, which collects fonts together, caused by a particular font meant the operating system could be taken over by hackers.
The threat was low in Windows 10 because Microsoft had added protections in that version of the operating system, but the bug was classed as “critical" – the highest-possible level of alert
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments