Windows users around the world collectively breathed a sigh of relief when Microsoft announced that it issued a patch for a critical security flaw dubbed “PrintNightmare,” a nasty printer bug that, if exploited by hackers, wreaks havoc on your PC.
However, this PrintNightmare isn’t over yet. The Redmond-based tech giant announced that it is investigating a lingering, perilous bug that gives malicious actors access to your data with system-level privileges.
Windows PrintNightmare vulnerability persists
As we reported in early July, Microsoft announced that it was investigating a fix for an alarming exploit within the Windows Print Spooler Service, a program that helps PCs interact with printers.
Days later, the Redmond-based tech giant issued a temporary fix for the critical printer bug. Unfortunately, after the emergency patch rolled out, reports about printer failures began flooding in. Affected Windows users were advised to uninstall the update.
On Tuesday, Microsoft released an official patch for the PrintNightmare flaw. However, there’s still a lingering bug that needs to be squashed. This security flaw, tracked as CVE-2021-34481, is a vulnerability that gives malicious actors enhanced privileges.
“An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft said in its disclosure.
There’s no fix for this bug yet, but there is workaround solution that involves disabling the Windows Print Spooler service. Find out how to do this here. When Microsoft rolls out an official patch for this flaw, we’ll keep you updated.