CYBERSECURITY ALERT: Microsoft Print Spooler Vulnerability (PrintNightmare)

As reported in multiple news outlets, a vulnerability in Microsoft Windows Print Spooler, dubbed “PrintNightmare” has been discovered in the last week which would allow a malicious attacker to conduct a complete takeover of any Windows computer that has not been updated with the latest security updates. USC’s Office of the Chief Information Security Officer (OCISO) would like to make you aware of some important details of this vulnerability and the actions you should take to protect your computers and USC’s data from this serious threat.

What to Know

  • Depending on the configuration of your computer, an attacker that successfully exploits this vulnerability would either be able to take full control of it remotely over the internet (Remote Code Execution) or become an Administrator on your computer after compromising it through other means (i.e., local privilege escalation).
  • All versions of Windows 7, Windows 8, Windows 10, Windows Server 2008, Windows Server 2012, Windows Server 2016, and Windows Server 2019 are affected by this issue.
  • A Windows update released by Microsoft on Wednesday, July 7 that will prevent attackers from taking over your computer remotely, but it does not prevent privilege escalation.
  • You may be able to disable the Windows Print Spooler service which will protect you from attackers but prevent you from printing. For more information on this option, see the following links:
  • As of Thursday, July 8, there is no update or fix that prevents remote code execution, prevents local privilege escalation, AND allows printing.

What to Do

  • Immediately apply the latest Windows Security updates for your version of Windows.
  • Install SentinelOne Endpoint Detection and Response software provided for free by USC. This will help USC Security Operations detect any attempts by malicious actors to hack your computer.
  • Contact OCISO’s Vulnerability Assessment and Penetration Testing Team (VAPT) at secops-va@usc.edu with any questions, comments or concerns.

We will update this page as the situation develops. Please feel free to reach out to the VAPT team with any concerns and thank you for doing your part to secure USC!