Microsoft is warning Windows users about an unpatched critical flaw in the Windows Print Spooler service. The vulnerability, dubbed PrintNightmare, was uncovered earlier this week after security researchers accidentally published a proof-of-concept (PoC) exploit. While Microsoft hasn’t rated the vulnerability, it allows attackers to remotely execute code with system-level privileges, which is as critical and problematic as you can get in Windows.
Researchers at Sangfor published the PoC, in what appears to have been a mistake, or a miscommunication between the researchers and Microsoft. The test code was quickly deleted, but not before it had already been forked on GitHub.
Sangfor researchers had been planning to detail multiple 0-day…
Continue reading…
