Microsoft has issued a warning to its users regarding the latest vulnerability called PrintNightmare, a flaw that affects the Windows Print Spooler service. This issue was discovered in the last week of May by researchers at Sangfor, a cybersecurity company.


What is PrintNightmare vulnerability in Windows?

The PrintNightmare vulnerability affects the Windows Print Spooler service, which then grants access to multiple users of a single printer. Researchers in May highlighted the issue, and they had accidentally published a how-to guide on exploiting the same. Although it was taken down shortly, the guide was reposted on several other sources on the internet, including Github.

What does PrintNightmare do in Windows?

PrintNightmare exploits parts of the Windows Print Spooler service, allowing multiple users to access a printer. However, Microsoft has warned that hackers can use the vulnerability to install malicious programs on your system, causing a major comprise of personal data. It can even create new accounts with full user rights, which can make you lock out your system.

Which versions of Windows are affected by PrintNightmare?

As per current reports, Windows 10 and Windows 7 are most vulnerable to the PrintNightmare vulnerability. The reach of this issue to other versions of Windows is not yet confirmed.

How do I prevent PrintNightmare vulnerability in Windows?

There is a preventive measure that users can take by disabling the Windows Print Spooler service. Do note that this will also disable all types of printing abilities of your system. Also, this does not assure a full-proof solution against the PrintNightmare vulnerability, as the best firewall can only be achieved with a system-level patch by Microsoft.

To disable Windows Print Spooler service,

1. Press Win + X key on your keyboard.
2. Now open Windows PowerShell (Admin) from the menu. Alternately, you can also run Command Prompt (CMD) as admin for the same.
3. Now type the following command and press enter. This command disables the Windows Spooler Print service temporarily.

Stop-Service -Name Spooler -Force

4. Now type this command to prevent the Windows Spooler Print service from starting automatically after a reboot.

Set-Service -Name Spooler -StartupType Disabled

Please ensure to use both these commands, else the Spooler Print service will get enabled at reboot exposing your system to the vulnerability.

Since disabling the Windows Spooler Print service handicaps the printing functionalities of your system, one may require the need of a printer. So you can enable the Spooler by typing these commands. Please disable the spooler using the same above-mentioned commands after your use for better safety.

Set-Service -Name Spooler -StartupType Automatic

Now Press Enter.

Start-Service -Name Spooler

The disabling of the Windows Spooler Print service is a temporary solution, and in most cases impractical as printing is an essential task in most offices. But that’s the best one can do as of now to prevent their system from getting affected by the PrintNightmare flaw. Our best recommendation is to immediately update your Windows machine to the latest version available from Microsoft, which will fix the issue permanently.

When will Microsoft patch the PrintNightmare vulnerability in Windows?

Microsoft, in a statement, has said that it will soon release patches for Windows Server 2016, Windows 10, version 1607, and Windows Server 2012. The company has also assured about a patch update for its 12-year-old Windows 7. Microsoft said that they are working on a patch, and users can expect these updates ‘very soon’.

This isn’t the first time that Microsoft’s Windows has been caught with major security flaws. The software giant is always notified about such security issues in the world’s most popular operation system, Windows, including the warnings from National Security Agency in 2020 where hackers disguised themselves as legit software companies and injected malware into people’s systems.

Microsoft is also yet to announce a patch for the PrintNightmare vulnerability for its latest Windows 11 update. We will keep you updated if we find any fix for this security flaw, so stay tuned.

Was this article helpful?