Every day I wake up to check the media for new vulnerabilities in the world that might affect your networks and computers. Earlier this month I discovered the latest PrintNightmare vulnerability that has the potential to be extremely serious in terms of security and being able to operate your businesses as usual.

Microsoft Windows (all versions - server and workstation) have a component called the "spooler" that controls how Windows interacts with printers. It was disclosed that a serious vulnerability exists that would allow malware to control this printing service, elevate itself to full administrative control, and spread its evil intentions to all your systems. To make things worse, some of the research leaked out with proof-of-concept code that is basically a construction kit on how to write your own malware using this. It turns out this exploit is trivially easy to write!

Microsoft is aware of the problem and has unsuccessfully (so far) been able to correct it - the best they have now is "turn off the printing service" which would shut down work processes for most companies.

I've been working with my iSequre security teams and we have come up with a remediation that will prevent this malicious activity from getting any traction in our systems. We are in the process of rolling out this remediation to our network and stations for clients. We have tested this on a few systems, and it appears to have no side-effects.

I am not one to run around shouting "The sky is falling!" - but in this case, the sky is really falling.

If you are not sure if your IT provider is protecting you from this vulnerability, I would recommend contacting them. If your IT provider doesn't know how to remedy this situation, let me know if iSequre can help keep your systems sequre.