Security News

Windows 11 may soon switch to a Black Screen of Death for operating system crash screens rather than the blue screen that has been used for many years. All Windows users have at one point experienced a Blue Screen of Death screen, also known as a BSOD, when the operating system crashes due to a hardware conflict or software bug.

Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. If your processor is old enough that it does not have one built-in fTPM, your motherboard's module will likely be TPM 1.2, which is not compatible with Windows 11.

Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks. Microsoft's confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines.

Microsoft has assigned CVE-2021-34527 to the print spooler remote code execution vulnerability known as "PrintNightmare" and confirmed that the offending code is lurking in all versions of Windows. The Windows giant also confirmed that the PrintNightmare vulnerability was being exploited in the wild.

Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.

Another potential mitigation has emerged for the PrintNightmare zero-day vuln, which lets low-privileged users execute code as SYSTEM on Windows domain controllers: remove those people from a backwards-compatibility group. While the patch for CVE-2021-1675 also protects against PrintNightmare on most Windows devices, it didn't do so for domain controllers, which caused some puzzlement among security researchers.

A proof-of-concept exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. The Windows maker addressed the vulnerability as part of its Patch Tuesday update on June 8, 2021.

The Cybersecurity and Infrastructure Security Agency has issued a notification regarding the critical PrintNightmare zero-day vulnerability and advises admins to disable the Windows Print Spooler service on servers not used for printing. "CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print," the US federal agency said.

For details about the emergency patch released by Microsoft on 2021-07-06,please see: PrintNightmare official patch is out - update now! You'll also hear and see the flaw referred to as the Print Spooler bug, based on the headline on Microsoft's security update guide that describes the flaw as a Windows Print Spooler Vulnerability.

Windows 11 comes with a new optional feature called 'TPM Diagnostics' that allows administrators to query the data stored on a device's TPM security processor. "TPM 2.0 is a critical building block for providing security with Windows Hello and BitLocker to help customers better protect their identities and data. In addition, for many enterprise customers, TPMs help facilitate Zero Trust security by providing a secure element for attesting to the health of devices."