Home / Software & Service News / Ancient Windows printer flaw exposes you to malware

Ancient Windows printer flaw exposes you to malware

Security holes don’t always originate in relatively recent bugs… sometimes, they can stem from code written in an entirely different era. Researchers at Vectra Networks have discovered a roughly 20-year-old flaw in Windows Print Spooler (which oversees the printing process) that lets attackers slip malware on to a PC. As the spooler doesn’t verify that a printer’s drivers are legitimate when you plug the hardware in, it’s possible for attackers to install maliciously-coded drivers thorough either the internet or the printer itself. The exploit can not only infect numerous computers if it’s shared on a network, but keep infecting as computers discover the peripheral.

Microsoft already has a patch ready, so you’re safe if you’re using Windows Vista or later. However, the exploit also works on Windows XP and earlier, which Microsoft stopped supporting (outside of special contracts) years ago. That theoretically leaves millions of old PCs permanently vulnerable to this attack. The main saving grace: the attacker needs to attach the device to your PC or the local network. As such, the threat is mainly limited to public hotspots, loosely guarded office networks and other situations where someone could theoretically attach a rogue printer without drawing your attention.

Via: Ars Technica

Source: Vectra, Microsoft Security TechCenter

Click Here For Original Source Of The Article

About Ms. A. C. Kennedy

Ms. A. C. Kennedy
My name is Ms A C Kennedy and I am a Health practitioner and Consultant by day and a serial blogger by night. I luv family, life and learning new things. I especially luv learning how to improve my business. I also luv helping and sharing my information with others. Don't forget to ask me anything!

Check Also

Microsoft releases new Windows 10 preview with Edge, shell, and input improvements

Microsoft today released a new Windows 10 preview for PCs with Edge, shell, and input improvements. This build is part of the RS4 branch, which represents the next Windows 10 update the company has yet to announce. Windows 10 is a service, meaning it was built in a very different way from its predecessors so […]