The “PrintNightmare” security vulnerability is tied into Windows’ Print Spooler service, which runs by default, and grants attackers remote system privileges across all versions of Windows. This access makes it possible for nefarious actors to install their own programs, create new system accounts, and view/copy/alter data. Microsoft initially released a statement of mitigation measures you could take, as documented by Bleeping Computer, in order to temporarily reduce the threat. Now, it’s moved on to releasing patches for all affected versions of Windows in order to remove the vulnerability entirely. Not all of the affected versions have been patched yet, but Microsoft states that anything that hasn’t been patched prior to July 6 will be updated “shortly.” Microsoft already has released patches to remove the “PrintNightmare” vulnerability for multiple versions of Windows 10, as well as Windows Server 2004, 2008, 2012, 2016, 2019, and version 20H2. Windows RT 8.1 and multiple versions of Windows 7 and 8 have been patched as well. If you’d like to see if a patch has been released for your version of Windows, you can take a look at Microsoft’s vulnerability information page under Security Updates. If for any reason you can’t download the necessary patch, Microsoft has two recommendations detailed in the Workarounds section. These steps will prevent inbound remote printing, so your system won’t be able to function as a print server, but printing locally to an attached device will still work.
