Also for Windows 7: A critical vulnerability PrintNightmare gets its first patch

Microsoft actually stopped supporting Windows 7 a few years ago. However, this does not prevent users from continuing to use the old operating system today. For this reason, the American company publishes updates from time to time in case of serious security vulnerabilities. This is also the case in the current case. A critical vulnerability in the Windows Print Spooler service is so dangerous that Microsoft has now released a similar emergency patch for Windows 7 as well.

The vulnerability ensures that attackers can execute code on the victim’s system without local access. In particular, a successful attack on a domain controller could have far-reaching consequences. In the worst case, the entire network can be hacked.

The vulnerability has been named CVE-2021-34527 guided. It was also called PrintNightmare.

In addition to Windows 7, the Windows Server 2008 and Windows Server 2012 R2 operating systems, among others, received a corresponding update. A free update for Windows 8.1 is also available. However, users of Windows Server 2021 as well as 2016 and Windows 10 in version 1607 are still waiting for the appropriate patch. According to Microsoft, this should be published in the near future. However, it is not yet known exactly when.

This means that users, and administrators in particular, should update their systems as quickly as possible. Security researchers inadvertently leaked a Proof of Concept (PoC) vulnerability. This makes it easy for criminals to exploit the PrintNightmare vulnerability.

All those who are running one of the mentioned operating systems and who have not yet received an update can use a workaround. Microsoft recommends that you deactivate the print spooler at this point. This can be done using the PowerShell commands “Stop-Service -Name Spooler -Force” and “Set-Service -Name Spooler -StartupType Disabled”.