New York (CNN Business) – Microsoft urges Windows users to install an update immediately after security researchers discover a critical vulnerability in the operating system.
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service. Researchers at cybersecurity firm Sangfor mistakenly published a guide to exploit it.
Researchers tweeted in late May that they found vulnerabilities in Print Spooler, allowing multiple users to access a printer. They posted a proof of concept in error and then deleted it, but not before publishing it elsewhere on the internet, including the developer site GitHub.
Microsoft warned that hackers who exploited the vulnerability could install programs, view and delete data, or even create new user accounts with full user rights. This gives hackers enough command and control of your computer to cause serious damage.
Not only in Windows 10
Windows 10 isn’t the only version affected: Windows 7, which Microsoft discontinued support last year, is also subject to the vulnerability.
Despite announcing that it will no longer release updates for Windows 7, Microsoft released an update for the 12-year-old operating system, confirming the severity of the PrintNightmare flaw. Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 “Expected Soon”, He said.
“We recommend that you install these updates immediately,” the company said.
If there’s any good news, it’s that the current security update is cumulative, which means that it also contains previous fixes for previous security issues.
Microsoft on alert
This is the latest in a series of security alerts from Microsoft in the past year and a half. The company has been embroiled in several security concerns, including in 2020 when the National Security Agency (NSA) alerted Microsoft to a major flaw in its Windows operating system that could allow hackers to be impersonated by legitimate software companies.
And this year, hundreds of thousands of users exchange They were attacked after four vulnerabilities in their software allowed hackers to gain access to the servers of the popular email and calendar service. Microsoft has also been subject to Crack Destroyed by SolarWinds.
Notably, Microsoft has not released a patch for Windows 11. The new operating system, which will be released soon, is currently available in beta testing. Windows 11 comes six years after Microsoft revised its operating system with Windows 10, a major update that now works on about 1.3 billion devices worldwide, according to CCS Insight.