Microsoft Confirms HUGE Windows 10 Printer Security Flaw
Mike Sanders / 3 months ago
Given that Windows 10 is roughly 6 years old now, you’d have been forgiven for thinking that most of the major security flaws within it had either been discovered or already resolved. It should be noted that these ‘backdoor’ issues can often reside for many, many, years undiscovered. And that’s something that’s not the fault of Microsoft either. Put simply, it often requires someone with a bit of exceptionally creative thinking to see if something seemingly totally irrelevant and/or unimportant could potentially represent a security problem. It almost borders on Mensa levels of lateral thinking.
Well, following a report via TechSpot, it’s not the first, and we daresay it won’t be the last. Still, a new day-0 security flaw within Windows 10 has been discovered and, on the whole, represents a potentially huge problem!
Microsoft Confirms New Windows 10 Security Flaw
Discovered earlier this week as a proof of concept, security researchers have found that the “Windows Print Spooler service” contains a flaw that could potentially allow external sources to exploit it to activate critical-level remote code execution. With Microsoft having now confirmed the existence of this issue, while a patch is undoubtedly on the way, the community is strongly advising PC owners to take action.
The main key advice is that if your PC is not used for printing of any description, then you should go into the services settings and disable the “Windows Print Spooler service”. However, if you do require printing, an alternative option is to disable inbound remote printing through the Group Policy security settings.
What Do We Think?
Although the flaw has been confirmed to exist, as you might expect, the security firm has not disclosed how to utilise it. As such, although the risk to the vast majority of users is exceptionally low, it does still exist nonetheless and according to Microsoft has been actively exploited. As above, while Microsoft will undoubtedly be working hard to fix this as soon as possible, applying one of these workarounds might be to your advantage. Particularly since now it’s known to exist, hackers might be exploring the possibilities it could represent.
In a nutshell, do you need to do it? Probably not. As the old adage goes though, it’s better to be safe than sorry.
What do you think? – Let us know in the comments!