Meet Microsoft's new Windows 11 0:57
New York (CNN Business) -
Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service.
Researchers at cybersecurity company Sangfor accidentally published a guide to exploiting it.
Researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer.
They published a proof of concept by mistake and subsequently deleted it, but not before it was posted elsewhere on the internet, including the developer site GitHub.
Microsoft Introduces Windows 11 and Here's What You Need to Know
Microsoft warned that hackers who exploited the vulnerability could install programs, view and delete data, or even create new user accounts with full user rights.
That gives hackers enough command and control of your PC to do serious damage.
Not only in Windows 10
Windows 10 isn't the only version affected: Windows 7, which Microsoft stopped supporting last year, is also subject to the vulnerability.
advertising
The vulnerability affects Windows 7 and Windows 10, and it was unclear if it will put Windows 11 at risk, still in beta testing.
(Credit: Microsoft)
Despite announcing that it would no longer issue updates for Windows 7, Microsoft issued an update for its 12-year-old operating system, underscoring the severity of the PrintNightmare flaw.
Updates for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012 are "expected soon," he said.
"We recommend that these updates be installed immediately," the company said.
If there is any good news, it is that the current security update is cumulative, which means that it also contains previous fixes for previous security issues.
Microsoft on alert
This is the latest in a series of security alerts from Microsoft in the last year and a half.
The company has been embroiled in various security concerns, including in 2020 when the National Security Agency (NSA) alerted Microsoft to a major flaw in its Windows operating system that could allow hackers to impersonate. by legitimate software companies.
And this year, hundreds of thousands of Exchange users came under attack after four vulnerabilities in their software allowed hackers to access the servers of the popular email and calendar service.
Microsoft was also the target of the devastating SolarWinds breach.
Notably, Microsoft has not released a patch for Windows 11. Its new operating system, due out shortly, is currently available in beta testing.
Windows 11 comes six years after Microsoft last revised its operating system with Windows 10, a major update that is now working on some 1.3 billion devices worldwide, according to CCS Insight.
HackersMicrosoft