Facial palm: Microsoft is once again advising customers to turn off the Windows print spooler, after the emergence of a new vulnerability that allows hackers to run malicious code on machines. Although a patch to correct the flaw will be released in due course, the most effective workaround currently on the table is to stop and completely disable the print spooler service.
This is the third print spooler vulnerability to emerge in just five weeks. While a critical flaw was initially identified and patched in June, a similar flaw – dubbed PrintNightmare – emerged soon after and was subsequently patched (with mixed success).
The emergence of this new vulnerability is frustrating news for Microsoft and its users.
Microsoft has alerted customers to the new online print spooler vulnerability, writing: “An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.” An attacker who successfully exploited this vulnerability could execute arbitrary code with SYSTEM privileges. An attacker could then install programs; view, modify or delete data; or create new accounts with full user rights.”
The main thing in securing your computer is to stop and completely disable the print spooler service, if it is running – Microsoft explains how you can do this online. Although a patch for this vulnerability is being released in due course, no timeline is currently available.