Windows Vista and Print Spooler security vulnerabilities fixed in newest update

John White By: John White
2 minute read

Home » News » Windows Vista and Print Spooler security vulnerabilities fixed in newest update

If you’re still using Windows Vista for some unknown reason, you’ll be happy to know that Microsoft recently released an update for the ancient operating system. The update is designed with security in mind with the issue deemed critical by Microsoft.

An excerpt of Microsoft’s security bulletin report:

This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.

The update addresses the vulnerabilities by:

  • Correcting how the Windows Print Spooler service writes to the file system
  • Issuing a warning to users who attempt to install untrusted printer drivers

If you’re logged in an as administrator, you will be at greater risk from any possible attack. Furthermore, an attacker could take advantage of the flaw by targeting a print server or system. The attacker would then inject a malicious code and then sit back as things fall apart.

Why is this even possible? Well, the print spooler doesn’t properly validate printer drivers when they are being installed.

Here’s what Vectra Networks security researcher, Nicolas Beauchesne, had to say:

Normally, User Account Controls are in place to warn or prevent a user from installing a new driver. To make printing easier, an exception was created to avoid this control,” he said. “So in the end, we have a mechanism that allows downloading executables from a shared drive, and run them as system on a workstation without generating any warning on the user side. From an attacker perspective, this is almost too good to be true, and of course we had to give it a try.”

Keep this issue in mind and an eye out for the update.

RELATED STORIES YOU NEED TO CHECK OUT:

Discussions

Next up

This is how we fixed PC game stuttering in Windows 10

Matthew Adams By: Matthew Adams
5 minute read

Game stuttering is the irregular delays between GPU frames that can have a notable impact on gameplay. A game that stutters will feel slow, or […]

Continue Reading

Facebook tracks your location if your account is considered a threat

Zille Huma avatar. By: Zille Huma
2 minute read

Facebook is reportedly maintaining a list of user data taken directly from their accounts. You might be surprised to know that Facebook’s ex-employees and existing […]

Continue Reading

Microsoft removes Windows Mixed Reality from its affiliate program

Matthew Adams By: Matthew Adams
2 minute read

Microsoft Windows Mixed Reality headsets combine VR and AR for gaming and 360-degree video. There are currently more than 2,500 mixed reality games on the […]

Continue Reading