sneak attack

Windows has a 20-year-old flaw that lets printers install malware on your PC

Thankfully, a patch for it has been released.

MOST OF THE time, any flaw or bugs that pop up on your computer come from new updates or changes.

In the case of Windows, a flaw which allowed attackers to secretly install malware on computers through a printer, either directly or through a local area network, has been around for the good part of two decades.

The issue comes from Windows Print Spooler, which manages the process of connecting to printers and queuing up documents for printing.

As it doesn’t verify whether a printer’s drivers are the real deal or not, it’s possible for someone to connect a printer and it will install and work automatically. This gives an attacker an easy way to install malware through it.

The flaw was originally discovered by security firm Vectra, which found that one attack gave it “system rights on any workstation that connect to your printer”.

On a print server, cups or Microsoft, we could expect to have anti-virus, file integrity check, or other solution to monitor the host and change to it.  However, a printer driver is much less likely to have any of those defenses in place. Not only will that unit be able to infect multiple machines in your network, but it would also be able to reinfect over and over.

The saving grace is that for it to work, the attacker needs to connect the device to a PC or a local network for it to start infecting anyone, meaning the threat is limited to public hotspots and other similar situations.

Microsoft has issued a patch fixing the issue so if you’re using Windows Vista, 7, 8 or 10, you can install it now. Those who are still using older versions like Windows XP, which you shouldn’t be for a multitude of reasons, aren’t covered.

There is still a sizeable number of PCs running XP – it’s believed that close to 10% of computers worldwide still use it.

While exploiting such a flaw like the one above is challenging, it does highlight how you shouldn’t just automatically connect to a hotspot or printer server without taking a few precautions.

Read: Photo apps are in a rut, but these two might shake things up a bit >

Read: A US holocaust museum is asking Pokémon Go players to keep away >

Your Voice
Readers Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.