Security News > 2021 > July > How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
2021-07-08 08:05

This week, PrintNightmare - Microsoft's Print Spooler vulnerability was upgraded from a 'Low' criticality to a 'Critical' criticality.

Print Spooler in a nutshell: Print Spooler is Microsoft's service for managing and monitoring files printing.

PrintNightmare vulnerability: As soon as an attacker gains limited user access to a network, he will be able to connect to the Print Spooler.

Your best option when it comes to mitigating the PrintNightmare vulnerability is to disable the Print Spooler on every server and/or sensitive workstation.

By changing 'Allow Print Spooler to accept client connections', you can restrict users' and drivers' access to the Print Spooler to groups that must use it.

There might be entries with error messages that indicate Print Spooler can't load plug-in module DLLs, although this can also happen if an attacker packaged a legitimate DLL that Print Spooler demands.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/RkZ25F8Te70/how-to-mitigate-microsoft-print-spooler.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399