Why is Microsoft asking users to update Windows?
Last week, a vulnerability called PrintNightmare was discovered by security researchers. The PrintNightmare vulnerability allows bad actors to use remote code execution, through which they can install programs, create new accounts with admin rights and even modify data.
It is a dangerous security flaw as it gives attackers system-level privileges, which is as big as it gets for Windows users.
Microsoft acknowledged the vulnerability and said, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges.” Microsoft further explained that “an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Has the vulnerability been fixed?
Yes, Microsoft has issued a security update that solves the problem. However, users will have to install these update immediately to keep their systems safe. Microsoft said that all versions of Windows are vulnerable. “Supported versions of Windows that do not have security updates available on July 6 will be updated shortly after July 6,” the company explained.
“The security updates released on and after July 6, 2021 contain protections for a remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527, as well as for CVE-2021-1675,” Microsoft further explained.
timesofindia.indiatimes.com
Leave a Reply