Microsoft fixes Windows flaw and asks for update

[bitheerani93]

“Update fixes Windows flaw that has been exploited by criminals, according to Microsoft”
Microsoft released a Windows security update on Tuesday (6) to fix a serious flaw known as PrintNightmare. The vulnerability iceland mobile database versions of Windows 10, as well as its predecessors 8.1 and 7, and the recommendation is that users of all systems update their OS as soon as possible.

The Windows flaw is related to the system's print spooler, a component used in the process of exchanging data with printers, and can be used to completely control the victim's computer, giving criminals access to data and even the ability to install apps.

The breach is considered serious, affects several versions of Windows and has been exploited by criminals — Photo: Luana Marfim/TechTudo

Is Windows 10 any good? Leave your opinion on the TechTudo Forum

As it has a high level of access to system resources, the spooler can be used to run malicious code created by criminals, enough to install inappropriate apps on the victim's computer, access data, modify files and folders and even create new user accounts, all without the user having control.

The urgency for the update is great because the vulnerability was accidentally disclosed before Microsoft was aware of the problem. Experts from Sangfor discovered the flaw and created a proof of concept (PoC), a practical exercise that demonstrates the viability of the attack and is a documentation item used in the diagnostic process and creation of fixes by developers.

The demo ended up being published on GitHub, a repository and social network for developers, before Microsoft had a fix available. With the samples released for any developer to analyze and develop attacks using them, the vulnerability became a zero-day and Microsoft had to rush to create a fix update. According to the company, there are signs that PrintNightmare has been used in real attacks.