Microsoft says it has patched a “critical” security flaw that affected all versions of its Windows software dating back years.
The security hole would have allowed an attacker to use networked printers to run their own programs on connected computers.
{mosads}Windows was designed to import software whenever users tried to connect to an unknown printer.
To ease the process, those so-called printer drivers could be stored on local networks. Microsoft, though, disabled warnings that it was installing new software and there weren’t enough protections to guard against malware.
The flaw was in all Windows versions since Windows Vista, which was released to the public in 2007.
“From an attacker perspective, this is almost too good to be true, and of course we had to give it a try,” said Nick Beauchesne of Vectra Networks, the company that discovered the glitch, in a blog post.
Microsoft and Vectra acknowledged the flaw on Tuesday. The vulnerability is patched in the latest batch of updates, which were released the same day.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Log Reg
