NEW YORK — Microsoft has released an emergency Windows update that users must do immediately to fix an vulnerability identified by operating system experts that can give to hackers access to computers.
The security flaw, known as PrintNightmare (printing nightmare in Portuguese), affects the Windows Print Spooler service, which is responsible for communicating with printers.
Microsoft x Amazon: Pentagon decides to cancel JEDI cloud computing project’s billion-dollar contract
The cyber breach would allow a cybercriminal to break into and control the computer through the printing system used in workplaces that have networked printers.
GLOBO has prepared a series of questions and answers for you to better understand the problem and know how to act in relation to your computer. Check it out below:
Which Windows versions are vulnerable?
All versions of Windows contain vulnerable code and are vulnerable, according to the Microsoft Security Response Center (MSRC), the part of the company that monitors and resolves security incidents.
Winning to surf the nets?: With reward apps, spending time on mobile has become a ‘cybernetic spout’
This includes Windows Server versions 2004, 2008, 2012, 2016, 2019, 20H2, in addition to Windows 7, Windows 8.1, and Windows 10 versions.
Microsoft released a specific update for Windows 10 and 8.1 and also for Windows 7, which updates were no longer made. The company works on a fix for all versions.
How was the security breach identified?
Researchers at cybersecurity firm Sangfor identified the flaw, but mistakenly posted codes to understand it on the Internet. They deleted it soon, but the information was copied and published in other online environments.
Hence the fear that they could be used by hackers to break into computers using Windows.
No mouse:Co-founder of Facebook, Saverin surpasses Lemann and is the richest Brazilian
What could hackers do?
This loophole, according to Microsoft, would give hackers the chance to break into computers connected to the Internet to install programs, view and delete data or even create new accounts with user rights to take control of the machine.
“An attack must involve an authenticated user calling RpcAddPrinterDriverEx(),” Microsoft said in a statement to users.
The text guides you to ensure that Windows has made the last regular update, as of June 8, 2021, and recommends consulting the Extra Update Guidelines against this vulnerability.
What exactly is the vulnerability?
According to the Microsoft Security Response Center (MSRC), there are two CVEs (Common Vulnerabilities and Exposures) that affect the Spooler (known as a print queue).
These vulnerabilities would open the way for hackers to take control of the computer through the printing system used in workplaces that have networked printers.
One of these, listed as “CVE-2021-1675”, has already been addressed by the security update released on June 8, 2021, which Microsoft now stresses as a necessity.
The other path to an attack, vulnerability described as “CVE-2021-34527” has not yet been fixed. It is also linked to PrintNightmare, although the invasion mode has different characteristics.
“Microsoft is aware of and investigating a remote code execution vulnerability affecting Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation. And we will update CVE as more information becomes available. are available,” the company said.
How severe is this vulnerability?
The company did not estimate. He informed that he is still investigating.
How to protect yourself?
Microsoft recommends that the user always keep the computer up to date with the latest security version in order to protect the device from identified vulnerabilities and attacks.
In the case of Windows 7, support ended on January 14, 2020. The company recommends that the user switch to a Windows 10 computer so that they can continue to receive security updates from Microsoft.
What’s the Walkthrough for Upgrading Major Windows Versions?
The best way to keep Windows 8.1 up to date is to turn on automatic updates, so Windows Update installs important updates automatically as they become available.
To enable automatic updates:
-
Open Windows Update by pointing your mouse pointer to the bottom right corner of the screen and moving it up). Select Settings > Change computer settings > Update and recovery > Windows Update. If you want to manually check for updates, select Check Now.
-
Select Choose how updates are installed, and then, under Important updates, select Install updates automatically (recommended).
-
Under Recommended updates, select I want to receive recommended updates the same way I get important updates.
-
Under Microsoft Update, select I want to receive updates for other Microsoft products when I update Windows, and then select Apply.
To keep your Windows up to date, the company recommends that you go to Windows Update.
- Select Start > Settings > Update and Security > Windows Update > Windows Update, then select Check for updates.
- If a feature update is available for your device, it will appear separately on the Windows Update page. To install it, select Download and install now.
–
