Everything You Need to Know About the “Print Nightmare” Vulnerability

According to one recent study, over 18,000 vulnerabilities were discovered during 2020 alone. Not only that, but roughly half of all internal-facing web application vulnerabilities are considered to be of a “high risk” category – meaning that they need to be patched as soon as possible. If you need just a few statistics to point to the importance of keeping your software updated at all times, let it be those ones.

At this point, new vulnerabilities in commonly used programs are being discovered on a daily basis – creating something of a race between software developers and hackers to see whether those issues can be fixed faster than they can be taken advantage of. In early July, 2021, a particularly devastating one was discovered. The appropriately named “Print Nightmare” vulnerability impacts the Windows print queue, and it was discovered in one of the most widely used operating systems on the planet – Windows 7.

The Print Nightmare Vulnerability: Breaking Things Down

As stated, the “Print Nightmare” vulnerability impacts the Windows 7 operating system – which, to be fair, is no longer being supported by Microsoft. At TSI, we’ve long recommended that our clients update to a newer operating system that is being supported to avoid exactly this type of issue.

Having said that, the vulnerability itself is nothing new – indeed, it has existed for several years but has only hit the news recently as rogue actors have figured out how to capitalize on it. It was first discovered by the United States Cyber Security Infrastructure Security Agency, who indicated that it was a “critical threat” to all devices running Windows 7 or higher.

This is because the print queue in the Windows operating system doesn’t restrict access to the RpcAddPrinterDriverEx function, which is what attackers are using to execute malicious code on a target device.

To their credit, a patch was released from Microsoft almost immediately aimed at addressing this threat as thoroughly as possible. However, experts agree that the patch quickly proved to be incomplete – meaning that it failed to address all of the potential issues that are now being associated with the “Print Nightmare” bug.

While the patch doesn’t totally eliminate the vulnerability, it does offer a certain amount of protection from “Print Nightmare” – truly, this is one of those situations where downloading the patch is better than doing nothing at all. At TSI, we recently pushed out the patch to all of our users in advance of a more complete fix that will be applied as soon as it is received from the people at Microsoft.

At TSI, we want all of our clients to know that this patch is of critical importance – but it won’t come without a certain level of inconvenience. More specifically, once it is applied it will cause downtime for all Zebra printers – that is, until a more permanent fix is provided from the team at Microsoft.

All told, we want TSI clients to know that they should keep their machines online overnight – and they should reboot them in the morning – to make sure that the patch itself takes effect. This patch depends on a full system reboot to work, but don’t worry – TSI will reboot your machines during your pre-scheduled “patch and maintenance” window to avoid as much disruption as possible. Still, please take preparations to make sure that this outage will cause a minimum amount of impact to your organization.

Any machines that are not being maintained by TSI may not receive the patch at all, so you need to be proactive about making sure those devices are updated manually moving forward.

Chris Souza

Chief Executive Officer

Christopher Souza, Chief Operations Officer at Technical Support International, provides the leadership and direction in operations and the overall general management for TSI. Christopher is resolute in increasing productivity and efficiency utilizing benchmarks to quantify progress and measure success. He is responsible for developing and executing strategies and processes fostering rapid, profitable and sustainable growth including market expansion while maintaining customer satisfaction.

Christopher has over 16 years of experience in the High Technology Sector. Prior to joining TSI, Chris was a Branch Manager and Director of Sales/Marketing for local IT and telecommunication providers. Christopher has earned his BS in Accounting from the University of Massachusetts Dartmouth and his MBA in E-Business from the University of Phoenix satellite campus in Braintree, MA.