The Print Nightmare vulnerability is a “critical” exploit that affects the Windows print queue and was discovered in Windows 7. This vulnerability allows attackers to execute remote code on our devices and take control of them.
Microsoft has already released a patch to fix the problem, however, security researchers mention that this patch only fixes the remote vector and that LPE variations continue to work until now.
Print Nightmare affects Windows 7 and higher versions
This exploit has been discovered in Windows 7 (version no longer supported), but it also affects later versions. However, this vulnerability already existed several years ago but became relevant when GitHub showed how to exploit it.
The first to discover Print Nightmare was the US Cybersecurity Infrastructure Security Agency, which has commented that the problem lies in showing how to exploit the vulnerability, which, it could be said, is fixed to a certain extent.
Of course, Print Nightmare is a critical threat to all devices running Windows 7 or higher, as the print queue service does not restrict access to the RpcAddPrinterDriverEx function, allowing attackers to execute malicious code on our computer.
Some recommendations to stay safe from Print Nightmare
The first thing to do is to disable the Print Queue service if your computer does not have a printer. If you do have a printer, then we recommend the following procedure:
- Go to Edit Group Policy.
- Then go to Computer Configuration.
- Click on Administrative Templates.
- Select Printers.
- Now we deactivate Allow the print job manager to accept client connections.
- And that’s it, with this procedure you will keep your computer safe from the Print Nightmare vulnerability.