Given that Windows 10 is roughly 6 years old now, you’d have been forgiven for thinking that most of the major security flaws within it had either been discovered or already resolved. It should be noted that these ‘backdoor’ issues can often reside for many, many, years undiscovered. And that’s something that’s not the fault of Microsoft either. Put simply, it often requires someone with a bit of exceptionally creative thinking to see if something seemingly totally irrelevant and/or unimportant could potentially represent a security problem. It almost borders on Mensa levels of lateral thinking.
Well, following a report via TechSpot, it’s not the first, and we daresay it won’t be the last. Still, a new day-0 security flaw within Windows 10 has been discovered and, on the whole, represents a potentially huge problem!
Discovered earlier this week as a proof of concept, security researchers have found that the “Windows Print Spooler service” contains a flaw that could potentially allow external sources to exploit it to activate critical-level remote code execution. With Microsoft having now confirmed the existence of this issue, while a patch is undoubtedly on the way, the community is strongly advising PC owners to take action.
The main key advice is that if your PC is not used for printing of any description, then you should go into the services settings and disable the “Windows Print Spooler service”. However, if you do require printing, an alternative option is to disable inbound remote printing through the Group Policy security settings.
Although the flaw has been confirmed to exist, as you might expect, the security firm has not disclosed how to utilise it. As such, although the risk to the vast majority of users is exceptionally low, it does still exist nonetheless and according to Microsoft has been actively exploited. As above, while Microsoft will undoubtedly be working hard to fix this as soon as possible, applying one of these workarounds might be to your advantage. Particularly since now it’s known to exist, hackers might be exploring the possibilities it could represent.
In a nutshell, do you need to do it? Probably not. As the old adage goes though, it’s better to be safe than sorry.
What do you think? – Let us know in the comments!
With unprecedented new performance hybrid architecture, 12th Generation Intel® Core™ processors offer a unique combination…
Leveraging more than 14 years of professional PC building know how, NZXT has provided the…
Everest Max is the last word in mechanical keyboards with modularity and customization unlike any…
G502 X PLUS is the latest addition to legendary G502 lineage. Reinvented with our first-ever…
Get your head in the game. Immerse yourself in an epic experience and enjoy sound…
The EK-Nucleus AIO CR360 Dark is an all-in-one liquid cooling solution offering a pitch-black cooler…