Microsoft announced that they will begin implementing a default configuration in the way the Windows system employs the Print Spooler print driver in an attempt to eliminate once and for all the possibilities of exploitation of the dangerous PrintNightmare flaw. The company points out that, from now on, Windows will require administrator rights to change the default settings of the compromised driver.
In this regard, the Microsoft Security Response Center (MSRC) issued a statement: “After investigating the set of vulnerabilities known as PrintNightmare, we determined that the behavior of the affected driver does not provide customers with the level of security required to protect against these attacks.” With the release of this update, the company hopes to completely mitigate the possibility of exploitation of PrintNightmare.
This change will begin rolling out together with the installation of the Microsoft security updates for the month of August and on all supported versions of the Windows system. In its report, Microsoft reminds administrators that these changes could impact the printing process under certain circumstances, although their implementation should be fully functional.
The company strongly recommends to Windows system administrators to not disable this default setting without first being aware of the risks involved.
The problems related to this flaw began about a month ago, when the company misdiagnosis a security report on the print driver in Windows. While Microsoft tried to fix the bug as soon as possible by issuing a security patch, just a couple of days later it was discovered that it was possible to evade this new patch in order to perform a privilege escalation attack.
PrintNightmare became a public relations issue for Microsoft, whose social media profiles were immediately flooded with new reports and evidence to exploit this flaw. Still, the cybersecurity community issued a number of measures to mitigate the risk of exploitation, so some researchers consider the problem to be almost completely solved.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.