• About
  • Advertise
  • Careers
  • Contact Us
Tuesday, June 24, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
ADVERTISEMENT
Home Business Security

PrintNightmare – Cybercriminals are Increasingly Exploiting Vulnerabilities in Windows Print Spooler

by Yinka Okeowo
May 11, 2022
in Security
1
UBA
Advertisements

Kaspersky researchers have revealed that the number of attacks exploiting numerous vulnerabilities in Windows Print Spooler have risen noticeably over the past four months.

Even though Microsoft regularly releases patches for its Print Spooler, software that manages the printing process, cybercriminals continue to actively exploit its vulnerabilities.

This gives them the opportunity to distribute and install malicious programs on victims’ computers that can steal stored data.

Over the past year, various vulnerabilities in Windows Print Spooler have been discovered. By abusing them, cybercriminals have been able to take control of servers and victims’ machines, even without a special admin access.

The most well-known vulnerabilities are CVE-2021-1675 and CVE-2021-34527 (aka PrintNightmare), which were discovered in late June 2021.

PrintNightmare was accidentally published by researchers as a proof of concept (PoC) exploit for a critical Windows Print Spooler vulnerability.

The exploit was quickly removed from GitHub, however, some users had already managed to download it and then republished it.

In late April 2022, a highly severe vulnerability (tracked as CVE-2022-22718) was also discovered in Windows Print Spooler.

Microsoft had already issued a patch against this threat, but the attackers were still able to exploit this vulnerability and gain access to corporate resources.

Kaspersky researchers discovered that cybercriminals made approximately 65,000 attacks between July 2021 and April 2022. Moreover, Kaspersky experts detected that roughly 31,000 of these hits occurred during the last four months, from January to April.

This suggests that vulnerabilities in Windows Print Spooler remain a popular attack route for cybercriminals, which means users need to be aware of any patches and fixes that Microsoft releases.

Printnightmare by windows
Advertisements
MTN ADS
| PrintNightmare – The global statistics on detections of attacks exploiting Windows Print Spooler vulnerabilities from July 2021 to April 2022 (Source: Kaspersky)

The exploitation of vulnerabilities in Windows Print Spooler has hit numerous countries, with the number of overall attacks still growing. From July 2021 to April 2022, nearly a quarter of detected hits came from Italy.

After Italy, users in Turkey and South Korea were the most actively attacked. Kaspersky researchers also discovered that over the past four months attackers were most active in Austria, France and Slovenia.

printnightmare
| Top 5 countries being targeted by attacks exploiting Windows Print Spooler vulnerabilities from July 2021 to April 2022 (Source: Kaspersky)

“Windows Print Spooler vulnerabilities are a hotbed for emerging new threats. We anticipate a growing number of exploitation attempts to gain access to resources within corporate networks, accompanied by a high-risk of ransomware infection and data theft. Through some of these vulnerabilities, attackers can gain access not only to victims’ data but also to the whole corporate server. Therefore, it is strongly recommended that users follow Microsoft’s guidelines and apply the latest Windows security updates,” comments Alexey Kulaev, security researcher at Kaspersky.

To protect yourself from cybercriminals’ attacks through vulnerabilities in the Windows Print Spooler, Kaspersky recommends:

  • Installing patches for new vulnerabilities as soon as possible. Once downloaded, threat actors can no longer abuse the vulnerability.
  • Performing a regular security audit of your organisation’s IT infrastructure to reveal any gaps and vulnerable systems.
  • Using a protection solution for endpoints and mail servers with anti-phishing capabilities to decrease the chance of infection through phishing attempts.
  • Using dedicated services that can help fight against high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and stop attacks in their early stages, before attackers achieve their goals.
  • Installing anti-APT and EDR solutions, enabling threat discovery and detection, along with investigation and timely remediation of incidents’ capabilities. Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training. All of the above is available within the Kaspersky Expert Security framework.

Loading

Author

  • Yinka Okeowo
    Yinka Okeowo

    View all posts
0Shares
Tags: Print SpoolerPrintNightmareSoftwareWindows
Yinka Okeowo

Yinka Okeowo

Next Post

Tablet, Chromebook Shipments Declined in Q1 2022

Comments 1

  1. Pingback: Cybercriminals are Increasingly Exploiting Vulnerabilities in Windows Print Spooler – TechEconomy.ng | #microsoft | #hacking | #cybersecurity - NATIONAL CYBER SECURITY NEWS TODAY

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

NNPC and Golar LNG

NNPC Progresses Floating LNG Project with Golar LNG

1 year ago

Joeboy hits 100 million streams on Boomplay

3 years ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Telecoms
      • Mobility
      • Environment
      • Travel
      • StartUPs
        • Chidiverse
      • TE Insights
      • Security
    • Partners
    • Economy
      • Finance
      • Fintech
      • Digital Assets
      • Personal Finance
      • Insurance
    • Features
      • IndustryINFLUENCERS
      • Guest Writer
      • EventDIARY
      • Editorial
      • Appointment
    • TECHECONOMY TV
    • Apply
    • TBS
    • BusinesSENSE For SMEs

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.