PrintNightmare Vulnerability

  • Last Updated:
  • Jul 9th, 2021 7:59 pm
25 replies
Deal Fanatic
Jan 16, 2011
7205 posts
9218 upvotes
The NORTH
So severe that they are releasing a patch for Windows 7.
[OP]
Deal Expert
Jun 15, 2011
45063 posts
8129 upvotes
elgros4 wrote: Or just disable the spooler service in the meantime.

In my case it was already disabled on my gaming PC. I disable all unneeded services and it helps protect me against 0-day vulnerabilities.
For the average Joe / Jane, they may not know this.
Blanka
Deal Fanatic
Sep 16, 2013
7742 posts
5406 upvotes
SW ON
Do you expose your printers to the internet? Don't you have routers? I don't think the average Joe is affected by this.
Deal Fanatic
Jan 16, 2011
7205 posts
9218 upvotes
The NORTH
alpovs wrote: Do you expose your printers to the internet? Don't you have routers? I don't think the average Joe is affected by this.
I think you're a little off, this vulnerability is with the print spooler in Windows allowing an attacker to potentially gain access to your computer. It's not a vulnerability with printers.
Deal Fanatic
Sep 16, 2013
7742 posts
5406 upvotes
SW ON
kr0zet wrote: I think you're a little off, this vulnerability is with the print spooler in Windows allowing an attacker to potentially gain access to your computer. It's not a vulnerability with printers.
I meant printers connected to Windows computers. They can be shared. If you don't share a printer, how do you expose its spooler to the world especially behind a router?
Deal Fanatic
Jan 16, 2011
7205 posts
9218 upvotes
The NORTH
alpovs wrote: I meant printers connected to Windows computers. They can be shared. If you don't share a printer, how do you expose its spooler to the world especially behind a router?
The print spooler is a service that runs as part of the Windows operating system to allow your computer to queue print documents. It's on by default and a vulnerability has been found to allow an attacker to potentially access the operating system from that service. It doesn't matter if you have a printer or not, the service is running as part of the operating system.

Run MSCONFIG.EXE and click on the Services tab. Click on the Services column to sort alphabetically and scroll down to Print Spooler. The status will tell you if it's running or not but I'm 99% sure that unless you have disabled it then it is on by default.

Attackers can access the service even behind a router by initiating a connection to your computer (via the internet) and accessing the vulnerability.
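
The MSCONFIG check described in the post above, and the "disable the spooler service" suggestion made earlier in the thread, as an added PowerShell example that is not part of any poster's message. The function names `Get-SpoolerExposure` and `Disable-Spooler` are hypothetical; the cmdlets and the `Spooler` service name are standard Windows. Run it from an elevated prompt.

```powershell
# Added example: audit the Windows Print Spooler service and optionally disable it.
# Function names are hypothetical; "Spooler" is the service name of Print Spooler.

function Get-SpoolerExposure {
    [CmdletBinding()]
    param()
    # Win32_Service exposes both the current state and the configured start mode.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"
    if (-not $svc) {
        return [pscustomobject]@{
            Present = $false; State = 'NotInstalled'; StartMode = $null
            Account = $null;  CanRun = $false
        }
    }
    [pscustomobject]@{
        Present   = $true
        State     = $svc.State       # Running / Stopped
        StartMode = $svc.StartMode   # Auto / Manual / Disabled
        Account   = $svc.StartName   # account the service runs as
        # A stopped service that is not Disabled can still be started again,
        # so only "Stopped + Disabled" counts as switched off.
        CanRun    = ($svc.State -eq 'Running' -or $svc.StartMode -ne 'Disabled')
    }
}

function Disable-Spooler {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if ($PSCmdlet.ShouldProcess('Spooler', 'Stop service and set startup type to Disabled')) {
        Stop-Service -Name Spooler -Force -ErrorAction Stop
        Set-Service  -Name Spooler -StartupType Disabled -ErrorAction Stop
    }
    # Report the resulting state so the change can be verified.
    Get-SpoolerExposure
}

# Report only; changes nothing.
Get-SpoolerExposure | Format-List

# Preview the change, then apply it:
# Disable-Spooler -WhatIf
# Disable-Spooler
```

With the service disabled the machine cannot print at all until it is re-enabled (`Set-Service -Name Spooler -StartupType Automatic`, then `Start-Service -Name Spooler`).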
Deal Fanatic
Sep 16, 2013
7742 posts
5406 upvotes
SW ON
kr0zet wrote: Attackers can access the service even behind a router by initiating a connection to your computer (via the internet) and accessing the vulnerability.
One can't initiate a connection from outside to computers behind the NAT. How can they? If they could this spooler would have been the least of our problems.
Deal Fanatic
Jan 16, 2011
7205 posts
9218 upvotes
The NORTH
alpovs wrote: One can't initiate a connection from outside to computers behind the NAT. How can they? If they could this spooler would have been the least of our problems.
There are literally hundreds of ways to initiate a connection to a computer behind a NAT. Maybe you are savvy enough to avoid it but not everyone is.

Besides, if this was a nothingburger do you really think that Microsoft would be releasing an update for Windows 7 years after they officially ended support for the OS?
Microsoft (MSFT) warned that hackers that exploit the vulnerability could install programs, view and delete data or even create new user accounts with full user rights. That gives hackers enough command and control of your PC to do some serious damage.
Windows 10 is not the only version affected -- Windows 7, which Microsoft has ended support for last year, is also subject to the vulnerability.
Despite announcing that it would no longer issue updates for Windows 7, Microsoft issued a patch for its 12-year old operating system, underscoring the severity of the PrintNightmare flaw. Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 are "expected soon," it said.
"We recommend that you install these updates immediately," the company said.
If you want to ignore it from behind a NAT, feel free. Just be sure that your router's Firmware is up to date.
Deal Fanatic
Sep 16, 2013
7742 posts
5406 upvotes
SW ON
kr0zet wrote: There are literally hundreds of ways to initiate a connection to a computer behind a NAT. Maybe you are savvy enough to avoid it but not everyone is.

Besides, if this was a nothingburger do you really think that Microsoft would be releasing an update for Windows 7 years after they officially ended support for the OS?



If you want to ignore it from behind a NAT, feel free. Just be sure that your router's Firmware is up to date.
I use pfSense. My "firmware" is up to date.

Please share how to initiate a connection to a computer behind NAT.

If someone could explain how this vulnerability works it would be helpful. It's difficult to find the details.
Deal Expert
Apr 16, 2001
16331 posts
3063 upvotes
alpovs wrote: I use pfSense. My "firmware" is up to date.

Please share how to initiate a connection to a computer behind NAT.

If someone could explain how this vulnerability works it would be helpful. It's difficult to find the details.
I think most of the tech sites reporting on it don't actually understand it either. I just want to know which ports to close in my firewall, that's all.
Automatic down-votes: Eufy, D-Link, TP-Link, Newegg, Canada Computers, any Chinese-owned cellphone, laptop or IoT device.
Deal Addict
Mar 3, 2011
4675 posts
28259 upvotes
You don’t need a printer spooler service, this is more for high volume printing. For now, just disable the service and wait for the patch to be released.
__
Want to know the latest Costco Clearance items and prices in Ontario.. check out my thread here.
Deal Fanatic
Sep 16, 2013
7742 posts
5406 upvotes
SW ON
markopas wrote: You don’t need a printer spooler service, this is more for high volume printing. For now, just disable the service and wait for the patch to be released.
But the patch has been released already.
Deal Addict
Mar 3, 2011
4675 posts
28259 upvotes
alpovs wrote: But the patch has been released already.
Ha-Zah!!
__
Want to know the latest Costco Clearance items and prices in Ontario.. check out my thread here.
Member
Feb 9, 2008
408 posts
331 upvotes
Vancouver, BC
This exploit is a big deal to businesses, not home users (limited damage).
The way I understand it is:
Hackers need to already have access to a computer on the network.
Normally, this does not give them access to the servers, as they're limited to whatever the compromised user has access to.
This exploit lets them gain full access (as SYSTEM account) to any Windows machine on the network running the unsecured print spooler.
Full access means they can disable security software, access any files, install ransomware, etc.

For a home user, a family member's computer could spread malware this way.


Also, the patch apparently doesn't fix it...
Deal Addict
Feb 12, 2008
4403 posts
299 upvotes
Toronto
zerod wrote: Also, the patch apparently doesn't fix it...
This doesn't surprise me at all. Guess I have to wait a bit to patch the update.
Nothing to see here...keep looking.
[OP]
Deal Expert
Jun 15, 2011
45063 posts
8129 upvotes
zerod wrote: This exploit is a big deal to businesses, not home users (limited damage).
The way I understand it is:
Hackers need to already have access to a computer on the network.
Normally, this does not give them access to the servers, as they're limited to whatever the compromised user has access to.
This exploit lets them gain full access (as SYSTEM account) to any Windows machine on the network running the unsecured print spooler.
Full access means they can disable security software, access any files, install ransomware, etc.

For a home user, a family member's computer could spread malware this way.


Also, the patch apparently doesn't fix it...
Yup. Don't forget VSS too ;)
Blanka
