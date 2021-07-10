



Microsoft is urging Windows users to install updates immediately after security researchers discover a critical vulnerability in their operating system.

A security flaw known as PrintNightmare affects the Windows Print Spooler service. Researchers at cybersecurity firm Sangfor have accidentally published a how-to guide to exploit it.

Researchers tweeted in late May that they discovered a vulnerability in PrintSpooler that allows multiple users to access the printer. They accidentally published the proof of concept online and then deleted it, but not before it was published elsewhere online, including the developer site GitHub.

Microsoft has warned that a hacker who exploits this vulnerability could install programs, view and delete data, and create new user accounts with full user privileges. This allows hackers to take full control of their PCs and cause serious damage.

Windows 10 is not the only affected version. Windows 7, which Microsoft ended support last year, is also affected by this vulnerability.

Microsoft has announced that it will not publish an update for Windows 7, but has issued a patch for operating systems 12 years ago, highlighting the seriousness of Print Nightmare’s flaws. Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 are “coming soon.”

“We recommend that you install these updates immediately,” the company said.

The good news is that the current security updates are cumulative. That is, it also contains previous fixes for previous security issues.

This is the latest in a number of security alerts from Microsoft over the past year and a half. The company is involved in security issues, including the National Security Agency warning Microsoft of a serious flaw in the Windows operating system in 2020 and hackers impersonating legitimate software companies. And this year, four vulnerabilities in the software allowed hackers to access servers for popular email and calendar services, targeting hundreds of thousands of Exchange users. Microsoft has also been the target of a catastrophic breach of SolarWinds.

In particular, Microsoft has not released a patch for Windows 11. Its latest operating system will be released shortly and is now available to beta testers. According to CCS Insight, Windows 11 will be available six years after Microsoft last overhauled its operating system in Windows 10. This major update is currently being performed on approximately 1.3 billion devices worldwide.

