July 18, 2024


The Internet Generation

Windows security bug could let hackers hijack your printer

Windows customers have been warned to make sure their protection protections are up to date next the disclosure of a new bug that could influences printer services.

Scientists had been capable to bypass current patches to exploit a flaw that could allow hackers to acquire above a non-public network just after hijacking personal printing devices.

The flaw influences Windows Print Spooler, the assistance that manages the printing method, offering third-get-togethers admin privileges that could be exploited to operate malware.

Printer protection

The bug, known as CVE-2020-1048, was uncovered by Peleg Hadar and Tomer Bar of SafeBreach Labs, who described the flaw to Microsoft. The computing large had introduced a fix for the difficulty back again in Could, but it looks this defense was incomplete. 

The scientists uncovered that they could acquire advantage of CVE-2020-1048 by crafting destructive files that are parsed by Windows Print Spooler, like .SHD (Shadow) files that comprise metadata for print employment this sort of as the ID of the system person, and SPL (Spool) files that comprise the details that is due to be printed.

These files are processed by a function called ProcessShadowJobs, which destinations SHD files into the spooler folder when printing starts off. 

Having said that as Windows Print Spooler operates with Technique privileges and any person can fall SHD files into its folder, the scientists had been capable to use modified SHD files to incorporate a Technique SID, increase it to the Spooler’s folder, and restart the computer for the Spooler to execute the activity with the legal rights of the most privileged account on Windows.

Microsoft now states it will fix the flaw in its future protection update, scheduled for August 11, but this signifies some person devices continue being at risk until then with no fix in sight.

People may perhaps want to hold off downloading any initial Microsoft patches nevertheless, just after current releases did far more damage than very good, with the June 2020 update causing significant complications with printers – breaking printer operation wholly, or elements of it, this sort of as causing wireless printing to are unsuccessful.

Through Bleeping Pc