Security researchers in China have accidentally leaked details of a critical windows printer spooler vulnerability called ‘Print Nightmare’. It allows an attacker with a regular user account to take over a server running the Windows Print Spooler service.
‘Print Nightmare’ means an attacker with a regular domain account can take over a server in a simple step. For example, if a user is subjected to a phishing attack, an attacker can use the compromised computer to take over the active directory in a matter of seconds.
Microsoft will likely release an update to fix this shortly. If there are servers where Print Spooler is not necessary, it should be disabled. If necessary, we suggest businesses limit their network access to those servers as strictly as they can.
To discuss your business cybersecurity, contact an IT Managed Services specialist on 01865 367111.