Microsoft Has Now Fixed the Printer Security Bug! (Probably)
Mike Sanders / 3 years ago
In early July, it was revealed that a significant security flaw lay within practically every Windows 10 system. No, this isn’t anything particularly new, as many flaws have been identified in the operating system over the years. In terms of what it represented, however, this was likely one of the more concerning iterations. In simple terms, a flaw within the ‘Printer Spooler Service’ was found that could allow unauthorised persons, with the right knowledge to execute code at the administrative level. By proxy, this could allow various bits of malware to be installed on the system without the actual real user ever being aware.
Known as “PrintNightmare”, Microsoft released a patch later that month, but ultimately, it was discovered that it didn’t really solve the problem. – Following a report via ZDNet, however, following the release of a new Windows 10 update, it would appear that the issue might’ve been resolved. Well… Sort of.
Windows 10 “PrintNightmare” Security Flaw is Sort of Fixed!
While the exact nature of the fix is unclear, as Microsoft clearly wouldn’t want to give anyone out there any hints as to how the security exploit could be performed, the only notable change end-users will see is that printer drivers can now only be installed from administrator-level accounts. – So, on the plus side, for the vast majority of people, this shouldn’t be a problem and, all going well, provides them with a permanent plug for the leak.
However, one the quite notable downside will likely be for people in charge of large network systems. Although a little complicated to explain, employees who don’t have admin accounts on the PC they use (which is fairly standard practice for most businesses) will no longer have default access to simply connect to a printer. This will only be permitted if the person attempting to make the connection (and install the drivers) has admin-level security control.
What Do We Think?
Based on the clear limitations of this fix, it would appear that Microsoft has found something of a security ‘workaround’ rather than an outright means of solving the “PrintNightmare” problem. As such, while we’re sure there are going to be many network administrators swearing wildly at the clear implications that this new update has, it does appear that, at least for the moment, this was the only way Microsoft could find to (sort of) permanently solve the problem. Therefore, this would suggest that it might have been a bit of a knotty one to begin with, hence why their initial attempt to correct this security flaw failed!
What do you think? – Let us know in the comments!