Breaking

Friday, August 14, 2020

Windows News: Windows security bug could let hackers hijack your printer

Windows News: Windows security bug could let hackers hijack your printer

by on in ,

Windows News: Windows security bug could let hackers hijack your printer


The flaw affects Windows printing service, despite Microsoft releasing a patch


(Image credit: Shutterstock)

Windows users are warned to make sure their security protections are up so far following the disclosure of a replacement bug that would affect printer services.

Researchers were ready to bypass recent patches to require advantage of a flaw that would allow hackers to take over a personal network after hijacking individual printing devices.

The flaw affects Windows Print Spooler, the service that manages the printing, giving third-parties admin privileges that would be exploited to run malware.


  1. Your printer: it is a vulnerable, connected device
  2. How to work from home: the mouse, monitor, keyboard, and router for remote working
  3. How to make your printer safer 


Printer security

The bug, referred to as CVE-2020-1048, was uncovered by Peleg Hadar and Tomer Bar of SafeBreach Labs, who reported the flaw to Microsoft. The computing giant had released a fix for the difficulty back in May, but it seems this protection was incomplete.

The researchers discovered that they might cash in of CVE-2020-1048 by crafting malicious files that are parsed by Windows Print Spooler, including.SHD (Shadow) files that contain metadata for print jobs like the ID of the system user, and SPL (Spool) files that contain the info that's thanks to being printed.

These files are processed by a function called ProcessShadowJobs, which places SHD files into the spooler folder when printing starts.

However as Windows Print Spooler runs with SYSTEM privileges and any user can drop SHD files into its folder, the researchers were ready to use modified SHD files to incorporate a SYSTEM SID, add it to the Spooler’s folder, and restart the pc for the Spooler to perform the task with the rights of the foremost privileged account on Windows.

Microsoft now says it'll fix the flaw in its next security update, scheduled for August 11, but this suggests some user systems remain in danger until then with no fix in view.

.
Users might want to carry off downloading any initial Microsoft patches though, after recent releases did more harm than good, with the June 2020 update causing serious problems with printers – breaking printer functionality completely, or elements of it, like causing wireless printing to fail.



 Source URL Techradar
By at
Tags: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)