Microsoft Releases Emergency Patch for PrintNightmare
Microsoft has released an emergency patch for the zero-day vulnerability in Windows Print Spooler that allowed remote code execution on Windows devices.
It concerns security update KB5004945. This should counter the so-called ‘PrintNightmare’ bug, which Microsoft says is now actively being exploited by attackers. Through this vulnerability in the Print Spooler service, it is possible to remotely run code on PCs, domain controllers and other Windows devices and possibly get system rights on them.
Microsoft was very bored with the bug, which was accidentally published by researchers last week and has since been used by criminals to attack computer systems. So today, the company is releasing emergency fixes for Windows Server 2002, Windows 7, 8, and multiple versions of Windows 10.
Patches for Windows 10 v1607, Windows Server 2016, and 2012 are coming later. However, you can find them under Windows Update in the settings.
The patch addresses explicitly a vulnerability that allows remote code execution. She has not yet completely closed the vulnerability because it is still possible locally to get system rights via the bug, but that is already a lot more difficult to exploit. If you are unable to install the patch right away, you are advised to disable Windows Print Spooler until further notice. This does mean that you can no longer print from a common printer.