Windows security bug could let hackers hijack your printer

News
By published

Flaw affects Windows printing service, despite Microsoft releasing a patch

(Image credit: Shutterstock)

Windows users have been warned to ensure their security protections are up to date following the disclosure of a new bug that could affects printer services.

Researchers were able to bypass recent patches to exploit a flaw that could allow hackers to take over a private network after hijacking individual printing devices.

The flaw affects Windows Print Spooler, the service that manages the printing process, giving third-parties admin privileges that could be exploited to run malware.

Printer security

The bug, known as CVE-2020-1048, was uncovered by Peleg Hadar and Tomer Bar of SafeBreach Labs, who reported the flaw to Microsoft. The computing giant had released a fix for the issue back in May, but it seems this protection was incomplete. 

The researchers discovered that they could take advantage of CVE-2020-1048 by crafting malicious files that are parsed by Windows Print Spooler, including .SHD (Shadow) files that contain metadata for print jobs such as the ID of the system user, and SPL (Spool) files that contain the data that is due to be printed.

These files are processed by a function called ProcessShadowJobs, which places SHD files into the spooler folder when printing starts. 

However as Windows Print Spooler runs with SYSTEM privileges and any user can drop SHD files into its folder, the researchers were able to use modified SHD files to include a SYSTEM SID, add it to the Spooler’s folder, and restart the computer for the Spooler to perform the task with the rights of the most privileged account on Windows.

Microsoft now says it will fix the flaw in its next security update, scheduled for August 11, but this means some user systems remain at risk until then with no fix in sight.

Users may want to hold off downloading any initial Microsoft patches though, after recent releases did more harm than good, with the June 2020 update causing serious problems with printers – breaking printer functionality completely, or elements of it, such as causing wireless printing to fail.

Via Bleeping Computer

Mike Moore
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

Latest in Pro
Finger Presses Orange Button Domain Name Registration on Black Keyboard Background. Closeup View
I visited the world’s first registered .com domain – and you won’t believe what it’s offering today
Racks of servers inside a data center.
Modernizing data centers: an efficient path forward
Dr. Peter Zhou, President of Huawei Data Storage Product Line
Why AI commonization is so important for business intelligent transformation and what Huawei’s data storage has to offer
Wix automation
The world's leading website builder aims to save businesses time with new tool
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Latest in News
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)
Three iPhone 16 handsets on show
Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before
Super Mario Odyssey
ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough
More about pro
SanDisk Extreme PRO with USB4

Testing the new SanDisk Extreme PRO with USB4 SSD proved both challenging and revealing
Half man, half AI.

Generative AI has a long way to go as siloed data and abuse of its capacity remain a downside – but it does change the game for security teams
Eizo FlexScan FLT

Behold the world's most power-efficient monitor — the EIZO FlexScan FLT
See more latest
Most Popular
Eizo FlexScan FLT
Behold the world's most power-efficient monitor — the EIZO FlexScan FLT
A close up of a xenomorph with Earth reflected on its head in the Alien: Earth TV show teaser
Alien: Earth: everything we know so far about FX's upcoming Alien TV show coming to Hulu and Disney+
Half man, half AI.
Generative AI has a long way to go as siloed data and abuse of its capacity remain a downside – but it does change the game for security teams
diamond gemstone
Diamond set to become mainstream coolant for AI GPU servers as world’s best thermal conductor promises 25% better overclocking, and 'double performance per watt'
Zuckerberg Meta AI
Meta powers ahead with conscious chip uncoupling with Nvidia as it tests its first in-house training AI-PU
Email
Over 90% of Americans demand a "right-to-disconnect" law which would protect them from out-of-hours work communication
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 16 (game #378)
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 16 (game #1147)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 16 (game #644)