PrintNightmare – Disable Printing? Yeah right…

Not long ago, we received a warning that a vulnerability labeled CVE-2021-1675 and better known as “PrintNightmare” had been unleashed on Microsoft Windows users globally. While printing can be a nightmare on a normal day, this situation escalated the matter to a whole new level. In short, a vulnerability was discovered in Windows that empowered ill-intentioned personalities to gain full access to computers on a network, even servers, with just a single user’s credentials. This is especially problematic because servers typically are associated with a “domain,” operated by a central server known as a “domain controller,” which can access all servers and workstations on the network. If an attacker successfully exploited this vulnerability on a domain controller, they would subsequently have access to all servers and workstations in your environment.

What makes this even worse is that this happened on June 29. Just about the end of the month. And for title agencies in their usual state of end-of-the-month chaos or service workers closing out Q2 operations, the cure might have been worse than the disease: disable printing service until further notice from Microsoft. In other words, just shut down all the printers in your office as the clear-to-closes come screaming in or end-of-quarter contracts are being signed.

Not an option.

To ensure that clients remained functional, yet safe, Premier One took a two-staged approach: For servers not involved in printing operations, we implemented Microsoft’s recommendation of disabling printing services, since these are enabled by default on every Windows system. For servers that are necessary for printing operations, we implemented a security policy that would prevent attackers from uploading malicious code to a print server even if they were able to launch an attack against this vulnerability.

While this type of vulnerability is critical and widespread, it is also becoming far too common. We see new attacks like this regularly, and security solutions from years ago just aren’t strong enough to mitigate attacks with this level of sophistication.

This is why Premier One has built upon its long-standing baseline security solutions to offer and recommend additional layers of advanced security incorporating new technology to handle modern threats.

From AI-based email threat protection to 24/7/365 human-staffed security operations centers and compliance management, Premier One has a solution for your organization to step up security against modern attacks like we have never seen before.

Share this post