The PrintNightmare exploit is so scary, even Windows 7 got an emergency fix (but it's imperfect)

Microsoft typically releases updates for Windows as part of its monthly “Patch Tuesday” blitz, but the company took the unusual step of releasing an emergency out-of-band security update late Monday night to fix the critical “PrintNightmare” vulnerability published (and deleted) by researchers last week—even for Windows 7. Bottom line? Update your Windows PC pronto... but the patch not fix all PCs if you're connected to a local network.

PrintNightmare attacks the Windows Print Spooler service, which runs by default. “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations,” Microsoft’s executive summary states. “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

To read this article in full, please click here