The PrintNightmare flaw found in Windows this week allowing hackers to remotely execute malicious code with system-level privileges clearly took high priority at Microsoft.
Just days after it was accidentally revealed by the security researchers who discovered it, the vulnerability has been patched by Microsoft. The Verge first noticed the update which covers all versions of Windows going back to Windows 7 despite Microsoft officially dropping support for it last year (via Engadget).
The zero-day threat was a particularly nasty vulnerability as it could be exploited remotely without user interaction. Virtually every version of Windows featured the vulnerability including Windows 7, Windows 8, Windows 10 and Windows Server.
Microsoft defined it as a critical flaw (identified as CVE-2021-34527) due to the lack of user interaction needed to trigger the exploit and stated, “We recommend that you install these updates immediately.” While Microsoft is confident that this patch eliminates the issue and removes the threat, it is classified as a temporary fix and will be addressed more comprehensively in a future update.
If you don’t have updates set to run automatically and/or haven’t been prompted to update today, then you can follow our instructions on how to update Windows 10 manually. Given the speed with which Microsoft issued this patch, there’s no question the company views this as a serious threat. And while there was no indication that it had been employed in the wild yet that isn’t likely far off.