In early July, it was revealed that a significant security flaw lay within practically every Windows 10 system. No, this isn’t anything particularly new, as many flaws have been identified in the operating system over the years. In terms of what it represented, however, this was likely one of the more concerning iterations. In simple terms, a flaw within the ‘Printer Spooler Service’ was found that could allow unauthorised persons, with the right knowledge to execute code at the administrative level. By proxy, this could allow various bits of malware to be installed on the system without the actual real user ever being aware.
Known as “PrintNightmare”, Microsoft released a patch later that month, but ultimately, it was discovered that it didn’t really solve the problem. – Following a report via ZDNet, however, following the release of a new Windows 10 update, it would appear that the issue might’ve been resolved. Well… Sort of.
While the exact nature of the fix is unclear, as Microsoft clearly wouldn’t want to give anyone out there any hints as to how the security exploit could be performed, the only notable change end-users will see is that printer drivers can now only be installed from administrator-level accounts. – So, on the plus side, for the vast majority of people, this shouldn’t be a problem and, all going well, provides them with a permanent plug for the leak.
However, one the quite notable downside will likely be for people in charge of large network systems. Although a little complicated to explain, employees who don’t have admin accounts on the PC they use (which is fairly standard practice for most businesses) will no longer have default access to simply connect to a printer. This will only be permitted if the person attempting to make the connection (and install the drivers) has admin-level security control.
Based on the clear limitations of this fix, it would appear that Microsoft has found something of a security ‘workaround’ rather than an outright means of solving the “PrintNightmare” problem. As such, while we’re sure there are going to be many network administrators swearing wildly at the clear implications that this new update has, it does appear that, at least for the moment, this was the only way Microsoft could find to (sort of) permanently solve the problem. Therefore, this would suggest that it might have been a bit of a knotty one to begin with, hence why their initial attempt to correct this security flaw failed!
What do you think? – Let us know in the comments!
Phil Spencer has spoken out against what he calls "manipulative expansions"—additional content derived from material…
Razer has introduced the USB 4 Dock, a high-performance accessory designed to combine ultra-fast data…
A major supplier of GPU cooling components has indicated that we could see the arrival…
MSI first unveiled its top-tier AM5 motherboard, the MEG X870E GODLIKE, in August this year.…
80% UltraFast Recharging in 43 Minutes: Be ready for adventure in 43 minutes (100% in…
Powered by Intel's 13th Generation i7-13620H 10 Core Processor Dedicated NVIDIA GeForce RTX 4070 (140…