Microsoft's Windows security flaw is a big deal. Here's what you can do about it

Technology

CNN 09 July, 2021 - 03:30pm 28 views

What is the latest security update for Windows 10?

Windows 10 October 2020 Update (version 20H2) Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. ComputerworldWindows 10: A guide to the updates

Is Windows 11 released?

When is Windows 11 available? The software will roll out starting in late 2021, according to Microsoft, and will continue throughout 2022. It's free to upgrade. USA TODAYWindows 11: Everything you must know about Microsoft's latest software

Updated 5:09 PM ET, Thu July 8, 2021

Read full article at CNN

Security warning: Microsoft PCs should be updated immediately

NBC2 News 09 July, 2021 - 09:05am

CNN — If you have a Microsoft computer that runs on Windows, you should install the latest update as soon as possible as researchers found a serious vulnerability in the operating system.

The security flaw, known as PrintNightmare, impacts the Windows Print Spooler service.

The researchers announced in late May that they found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it — but not before it was published elsewhere online, including developer site GitHub.

Microsoft warned that hackers could exploit the vulnerability and be able to install programs, view and delete data or even create new user accounts with full user rights. That gives hackers enough control to do some serious damage.

Windows 10 is not the only version affected — Windows 7, which Microsoft has ended support for last year, is also vulnerable.

Microsoft issued a patch for the 12-year-old operating system, underscoring the PrintNightmare flaw. Updates for Windows Server 16, Windows 10, version 1607, and Windows Server 2012 are “expected soon,” a Microsoft spokesperson said.

“We recommend that you install these updates immediately,” the company said.

Copyright © 2021 Waterman Broadcasting of Florida, LLC

Copyright © 2021 Waterman Broadcasting of Florida, LLC

Emergency Software Update for PrintNightmare Zero Day Vulnerability Issued

The National Law Review 09 July, 2021 - 09:05am

Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT)  Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30, 2021, Microsoft issued new guidance for the vulnerability (CVE-2021-34527) on July 1, updated guidance on July 2, 2021, and an emergency patch on July 6, 2021.

According to US-CERT, the “update does not address the public exploits that also identify as CVE-2021-1675.” US-CERT has confirmed that “an attacker can exploit this vulnerability-nicknamed PrintNighmare-to take control of an affected system.”

What to do about the Windows Print Spooler vulnerability?

According to CISA, “CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. Additionally, “domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object.”

Security researchers are urging that the patch be deployed as soon as possible, since the vulnerability is being actively exploited in the wild, and the vulnerability can take over a Windows domain controller. Although the Kaseya security incident is receiving the bulk of media attention, this vulnerability could affect many more businesses that use Windows.

According to Microsoft, the patch will provide additional security for the enabling of print software. It stated in a recent blog post that, “After installing such updates, delegated admin groups like printer operators can only install signed printer drivers. Administrator credentials will be required to install unsigned printer drivers on a printer server going forward.”

Consider this patch a priority if using Windows. It was so urgent, that the emergency patch was issued by Microsoft a week before its normal monthly software updates.

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

You are responsible for reading, understanding and agreeing to the National Law Review's (NLR’s) and the National Law Forum LLC's  Terms of Use and Privacy Policy before using the National Law Review website. The National Law Review is a free to use, no-log in database of legal and business articles. The content and links on www.NatLawReview.com are intended for general information purposes only. Any legal analysis, legislative updates or other content and links should not be construed as legal or professional advice or a substitute for such advice. No attorney-client or confidential relationship is formed by the transmission of information between you and the National Law Review website or any of the law firms, attorneys or other professionals or organizations who include content on the National Law Review website. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor.  

Some states have laws and ethical rules regarding solicitation and advertisement practices by attorneys and/or other professionals. The National Law Review is not a law firm nor is www.NatLawReview.com  intended to be  a referral service for attorneys and/or other professionals. The NLR does not wish, nor does it intend, to solicit the business of anyone or to refer anyone to an attorney or other professional.  NLR does not answer legal questions nor will we refer you to an attorney or other professional if you request such information from us. 

Under certain state laws the following statements may be required on this website and we have included them in order to be in full compliance with these rules. The choice of a lawyer or other professional is an important decision and should not be based solely upon advertisements. Attorney Advertising Notice: Prior results do not guarantee a similar outcome. Statement in compliance with Texas Rules of Professional Conduct. Unless otherwise noted, attorneys are not certified by the Texas Board of Legal Specialization, nor can NLR attest to the accuracy of any notation of Legal Specialization or other Professional Credentials.

The National Law Review - National Law Forum LLC 4700 Gilbert Ave. Suite 47 #230 Western Springs, IL 60558  Telephone  (708) 357-3317 or toll free (877) 357-3317.  If you would ike to contact us via email please click here.

Microsoft issues urgent security warning: Update your PC immediately to avoid Print-Nightmare

KTRK-TV 09 July, 2021 - 09:05am

Microsoft issues urgent security warning: Update your PC immediately

Technology Stories