Print Nightmare is a critical vulnerability

Windows 7 is back in the news due to a recently discovered vulnerability that affects the Print Spooler service in Windows since that version of the operating system, which you have to remember, is no longer supported. A vulnerability that they have called Print Nightmare and that can cause an attacker to execute code remotely on our computer.

To avoid Print Nightmare there is currently no definitive solution and Microsoft is working to eliminate a threat that affects the queue Windows printing, a service present since Windows 7 and on all computers that have this system or a more current one.

For now there is no patch

"

The vulnerability CVE-2021-34527 called Print Nightmare>may allow an attacker to execute code on our PC remotely. A vulnerability that has been present for years and that has come to light when a tutorial on how to exploit the weakness has been shown on Github."

The threat has been discovered by the United States Cybersecurity and Infrastructure Security Agency (CISA) and the problem is that despite what those who have shown how to exploit it believed, this has not yet been corrected.

Print Nightmare is a threat classified as critical and its cause is that the Print Spooler Service does not restrict access to the RpcAddPrinterDriverEx function, something that can allow a remotely authenticated malicious attacker to remotely execute code on our computer.

Because it is a vulnerability present in several versions of Windows (it appears with Windows 7) and it has not yet been corrected, Microsoft has developed a series of recommendationsto prevent us from being affected.

"

The first one goes through deactivating the Print Queue service if we don&39;t have a printer. In case of having a printer we must go to Edit group policies, select Computer Configuration, then click on Administrative Templates, select Printers>Allow the print spooler to accept client connections "

Via | Neowin