Microsoft Acknowledges Severe, Unpatched, Actively Exploited Print Spooler Service Vulnerability "PrintNightmare"

[RJARRRPCGP]

Really smells like an out-of-band update coming!

 

[lexluthermiester]

This problem is one of the many reasons why most services that are set for "Automatic" and left running should be set to Manual(Demand) and only run when needed.

 

[AusWolf]

So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

The fact that ONE vulnerability that Windows 7 has is also present in Windows 10 doesn't mean that Windows 10 isn't generally safer.

Its not related this is just another I hate windows 11 post.

Once we had the "intel sux becos RAIZEN!", then the "nvidia sux becos PAPERLAUNCH!" and now the "windows sux becos TEE-PEE-EM" posts under every single article. How hard can it be for some people to stay on topic, and not bash something that has nothing to do with the article, seriously?

 

[Frick]

So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

So will there will be a patch pushed to Windows 7 users?

Also, how does the vulnerability actually work?

 

[Gmr_Chick]

So will there will be a patch pushed to Windows 7 users?

Also, how does the vulnerability actually work?

I'm wanting to know the answer to this myself. Reason I say that is because our printer, an Epson XP-340, started acting up a few days ago when my mom tried to print some important documents and couldn't, due to an imaginary paper jam. I opened the printer and checked. No paper jam. Turning it off and then back on again didn't help, either. Of course, the printer is a bit old though, so it could just be crapping out....

 

[ThrashZone]

So will there will be a patch pushed to Windows 7 users?

Also, how does the vulnerability actually work?

Hi,
If you have group policy it's pretty easy to change that and in the op.

 

[HD64G]

So will there will be a patch pushed to Windows 7 users?

Also, how does the vulnerability actually work?

Question is, is Win10 much more secure and stable than Win7? As for the questions you asked, only MS can answer. Let's hope soon enough...

 

[Darmok N Jalad]

As others have said, printing has always been a nightmare on on Windows,. I always wonder how the service never gets reworked, as some of the issues it has printing documents is just dumbfounding. We have one wireless printer (HP OfficeJet Pro) in the home, and devices running Windows 10, MacOS, iOS, and Linux. Windows 10 is by far the worst experience printing anything. In fact, Windows is the only OS that refuses to print wirelessly, you have to plug in via USB. The kicker is, I bought this printer specifically because I could wirelessly print from the Surface 2 RT that I had at the time (yes, this printer is a tank). All the other devices typically print, no questions asked. My wife resorts to printing to PDF from Windows, saving it to a cloud drive, and printing it from her iPad, or sending it to me to print from Linux.

The worst part with Windows is that sometimes a print job will screw up so royally that you have to dive into hidden file folders and manually delete the bad print job. How is is that even Linux can do better than that?

 

[lexluthermiester]

As others have said, printing has always been a nightmare on on Windows

I disagree. I've never had many problems. But then again, I never bought cheap bargin basement printers either. I swear by color laser and buy only quality models. So that could be why. You get what you pay for and most people buy garbage printers expecting the world from them..

 

[Frick]

Question is, is Win10 much more secure and stable than Win7? As for the questions you asked, only MS can answer. Let's hope soon enough...

Seeing how Windows 7 doesn't get any updates it's not even a question.

 

[Darmok N Jalad]

I disagree. I've never had many problems. But then again, I never bought cheap bargin basement printers either. I swear by color laser and buy only quality models. So that could be why. You get what you pay for and most people buy garbage printers expecting the world from them..

Except this was not a cheap printer. In fact, it has been running reliably for almost 10 years now. And I bought it specifically for its wireless printing support with Windows. It does only printing, not the cheap combo print/scan/copy getups that break in a year's time. The same question remains, why can I print a document perfectly fine from MacOS, iOS, or Linux and Windows 10 can't handle it?

 

[newtekie1]

Also, how does the vulnerability actually work?

From what I can tell, the vulnerability uses the printer sharing built into Windows. It allows an attacker to send a false print job to a computer that will execute code instead of printing.

If you are behind a NAT firewall that doesn't have the printer sharing ports opened/fowarded, then you are pretty safe from an internet based attack. But anyone that has access to your internal network could exploit this. And obviously if you say go connect your computer to a public WiFi, anyone else on that WiFi could possibly exploit this as well.

 

[lexluthermiester]

Seeing how Windows 7 doesn't get any updates it's not even a question.

Like XP, 7 when properly configured and secured is perfectly safe. Only those lacking understanding fail to be safe.

From what I can tell, the vulnerability uses the printer sharing built into Windows. It allows an attacker to send a false print job to a computer that will execute code instead of printing.

Agreed, this seems to be how it works. The key is to either be sure the systems sharing a printer have no access to the internet, or if it's a stand-alone PC, to disable printer sharing.

If you are behind a NAT firewall that doesn't have the printer sharing ports opened/fowarded, then you are pretty safe from an internet based attack.

This also.

 

[TheoneandonlyMrK]

Soooo, disable print spooler for now?!

 

[Makaveli]

Soooo, disable print spooler for now?!

More for enterprise users not home.

 

[lexluthermiester]

Soooo, disable print spooler for now?!

Unless you need it. If you have a printer then set it to "Manual" and disable print sharing.

More for enterprise users not home.

Incorrect. This affects everyone equally. The print spooler service is more or less the same across all versions of Windows from Vista on up regardless of which edition is in use. Even XP might be affected.

 

[TheoneandonlyMrK]

More for enterprise users not home.

I have no printer anyway so no loss.

But it's still disabled now for me.

 

[ShiBDiB]

This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.

That's 99% of exploits, there's no money to be made by bad actors going after home users anymore (comparatively).

 

[DeathtoGnomes]

By default, the print spooler service is active(Auto). The first thing I do on a fresh install is disable it. You dont need it if you dont have a printer. I dont think this is the first time the print spooler is used in an exploit either.

 

[Frick]

Like XP, 7 when properly configured and secured is perfectly safe. Only those lacking understanding fail to be safe.

... I assume you've heard of 0-days. "Properly configured" partly means "properly updated".

 

[HD64G]

Some guys have fixed the problem and provide the solution for free. Works on all modern windows OSes.

Micropatches - 0patch

0patch.com

 

[lexluthermiester]

... I assume you've heard of 0-days.

No, never... What's that?
/s

"Properly configured" partly means "properly updated".

No it doesn't. Updates can be helpful but they are NOT the end-all-be-all solution to problems. Knowing how to isolate problems as they arise is more important. This is the main reason why firewalls were created. When you combine a competent firewall with competent app/program micromanagement software, you can effectively eliminate 99.9% of most of the problems that exist WITHOUT patching. This is why I stated very confidently earlier that XP and 7 can be secured and used safely on the internet. For those of us who know what we're doing, it is a relatively trivial effort.

 

[AusWolf]

No, never... What's that?
/s


No it doesn't. Updates can be helpful but they are NOT the end-all-be-all solution to problems. Knowing how to isolate problems as they arise is more important. This is the main reason why firewalls were created. When you combine a competent firewall with competent app/program micromanagement software, you can effectively eliminate 99.9% of most of the problems that exist WITHOUT patching. This is why I stated very confidently earlier that XP and 7 can be secured and used safely on the internet. For those of use who know what we're doing, it is a relatively trivial effort.

Let's also not forget about the fact that the most important steps in internet security are having a strong wifi password (or not using wifi at all), not clicking on adverts and not responding to emails and text messages from unreliable sources. Your operating system might be full of security holes, but most of these aren't a real threat if you know how to browse the net properly.

 

[InhaleOblivion]

System A *Laughs in Linux*
System B *Cries in Windows*

 

[R-T-B]

So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

Windows 7 is affected and likely won't be patched.