Today, Jisc has warned technical teams at colleges, universities and research institutes that they must take immediate action to disable a Microsoft printer service in order to prevent cyber attacks.
Jisc security director, Henry Hughes, explains:
“We urge IT staff to follow the guidance that Microsoft has provided to block attacks on systems vulnerable to exploitation of the Windows print spooler service bug known as PrintNightmare.
“The bug allows attackers to take over affected servers,install programs, view, change, or delete data, and create new accounts with full user rights.”
To mitigate the problems, Microsoft has published advice.
Jisc is monitoring the situation closely and will update its members as new information is released.
Update 7 July: Microsoft has released updates addressing this vulnerability. These updates do not include Windows 10 version 1607, Windows Server 2012, or Windows Server 2016. Updates for these versions are yet to be issued.