This blog posting represents the views of the author, David Fosberry. Those opinions may change over time. They do not constitute an expert legal or financial opinion.
If you have comments on this blog posting, please email me .
The Opinion Blog is organised by threads, so each post is identified by a thread number ("Major" index) and a post number ("Minor" index). If you want to view the index of blogs, click here to download it as an Excel spreadsheet.
Click here to see the whole Opinion Blog.
To view, save, share or refer to a particular blog post, use the link in that post (below/right, where it says "Show only this post").
Posted on 3rd July 2021
|Show only this post|
Show all posts in this thread (Cybersecurity).
Yes, the vulnerability is already being actively exploited, and your computers are at risk.
So, yet again, Microsoft, with their poor design and cavalier attitude to users' security, have put millions of users at risk. The potential impact is huge, because all Windows versions since Windows are vulnerable.
The vulnerable software is the Print Spooler, which is common to all Windows versions, both client and server. As yet there is no patch to close the vulnerability, but there are some things that you can do to reduce or eliminate the risk (depending on your network topology and security policies). Microsoft has released a document listing “PrintNightmare” mitigation strategies. The suggestion on Tom's Guide is to disable the Print Spooler service (which you probably can't live with) or to disable inbound remote printing through Windows’ Group Policy.
Disabling inbound remote printing means that your Windows print servers will not work; yet another reason to migrate your server functionality to Linux.