Too late, but it’s here: Microsoft fixes a critical vulnerability that has been around since 1996 in Windows

Too late, but it's here: Microsoft fixes a critical vulnerability that has been around since 1996 in Windows

Microsoft has fixed on its Windows 10 system a critical vulnerability present in Windows since 1996 known as PrintDemon, which was present in the printing system and allowed attackers to view, change and delete files on the user’s computer.

The PrintDemon vulnerability exploits an elevation of privilege that can be performed in the Windows Print Spooler service, which helps computers interact with printers and manages the document print queue.

According to Microsoft, this security breach allows cybercriminals to arbitrarily upload code to the system and acquire elevated system privileges, with which it is possible to view, modify and delete user files and even install programs or create new accounts in the computer.

“To exploit this vulnerability, an attacker would have to log into the affected system and run a malicious ‘script’ or application created for it,” the US company acknowledged.

Print Spooler has contained this same vulnerability since it was released in Windows NT 4 in 1996, and was even used as part of the attacks carried out by the Stuxnet worm against nuclear facilities in Iran, according to cybersecurity researchers Alex Ionescu and Yarden Shafir.

Microsoft has now released a patch to fix this vulnerability (CVE-2020-1048) on their Windows 10 operating system, which fixes how the Windows Print Spooler component writes to the system.

SHARE
Previous articleKanye West’s ex-bodyguard opens up: “It’s ten times worse than you think”
Next articleA group of hackers threatens Donald Trump: $ 42 million or they will air their dirty laundry
Aakash Molpariya
Aakash started in Nov 2018 as a writer at Revyuh.com. Since joining, as writer, he is mainly responsible for Software, Science, programming, system administration and the Technology ecosystem, but due to his versatility he is used for everything possible. He writes about topics ranging from AI to hardware to games, stands in front of and behind the camera, creates creative product images and much more. He is a trained IT systems engineer and has studied computer science. By the way, he is enthusiastic about his own small projects in game development, hardware-handicraft, digital art, gaming and music. Email: aakash (at) revyuh (dot) com