Yesterday, a severe vulnerability called “Print Nightmare” was accidentally leaked to the public by security researchers affecting all Microsoft Windows operating systems. This vulnerability impacts ANY machine that has the Windows print spooler service running - this includes servers and workstations.
Going public with this news before a fix creates a serious threat to any business that has the print spooler service running.
Chances are high that cybercriminals are actively targeting domain controller servers to attempt to gain remote access and launch a ransomware attack on your network.
What Should You Do?
As with all Zero-day attacks, there was not a fix available at the time the vulnerability was announced, hence the name "Zero-Day". Therefore Microsoft’s initial recommendation was to disable the affected service on all Active Directory servers (domain controllers) to prevent any abuse or manipulation of the domain.
This recommendation was completed for all our clients the same day as the vulnerability was announced. At ANP, we went a step a further to disable this on ALL servers temporarily until there was a fix. While this halted printing temporarily, it is required to ensure your business is protected.
Microsoft since has released a patch that has resolved the issue.
Contact your IT department or managed IT services company to make sure they’re aware of this vulnerability and have taken the proper steps to patch your systems to keep your data secure.
Our clients data security is our top priority. We follow a zero-trust security policy and employ multiple levels of protection across your network to eliminate the possibility of an attack.
If you have any concerns about the security practice of your business, contact ANP today to discuss if we can help.
Check out this short 2-minute video with CEO, Dave Mulvey to learn about how we protect our Small Business clients from Cyber Criminals and prevent Ransomware.