Emergency Microsoft Patch Needed to Protect Most Users
Microsoft has issued an emergency patch that both IT and security experts say must be installed immediately. It fixes a serious bug that could give attackers remote control of a PC, and it is one of the very few cases where Microsoft is issuing a fix even for Windows 7 computers that it no longer officially supports.
The fix is for a bug known in Microsoft circles as CVE-2021-1675 and CVE-2021-34527, and known elsewhere by the somewhat catchier name PrintNightmare. The name is appropriate, as the bug has the most serious combination of how likely attacks are and how much damage they could do, earning Microsoft’s highest “Severity” rating of “Critical.”
The bug involves Windows Print Spooler, the tool that lets you create a queue of print jobs rather than have to wait for one to finish before starting a new one. For this to work, Windows Print Spooler needs the highest level of access to files.
An Active Threat
Unfortunately, that level of access is what makes the bug so serious. Somebody who knows how to exploit the bug could run code with SYSTEM privileges, the ultimate “access all areas” level of security access on a Windows computer. Microsoft explains that “an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
To make things worse, it’s a zero-day bug. That means hackers knew about the bug and began taking advantage of it before Microsoft issued a fix, meaning Microsoft had zero days’ head start in the race to patch computers before attackers struck.
“Unsupported” Windows 7 Patched
The bug affects all versions of Windows, including desktop and server editions. In a sign of how seriously Microsoft is taking the issue, its patches include a fix for Windows 7. Microsoft ended the extended support period for that system in January 2020, meaning it has a policy of no longer issuing security patches for those computers.
Normally it’s extremely reluctant to break that policy for fear of falling into the same vicious cycle it had with Windows XP. So many people still used XP after its support cycle ended (largely because its successor, Vista, was so unpopular) that Microsoft feared leaving them unpatched, particularly with malware such as viruses that spread between machines. However, the more it issued fixes for XP, the less incentive users had to upgrade.
Patch Early, Patch Often
Although Microsoft first issued an emergency patch on Tuesday 6 July, some security experts have reported that it doesn’t completely close the security gap. However, it appears to reduce the risks significantly, so it’s well worth installing it immediately and then keeping an eye out for a more complete fix if and when Microsoft issues one.