Whenever software is updated, security experts are usually pretty quick to spot flaws that could lead to malware infections, aided by various bug bounties and the like. However, some potential flaws slip through the net for days, weeks, months, years and – very rarely – decades. Vectra Networks has found one such flaw that dates back around 20 years.
The problem originates in Windows Print Spooler – part of the operating system’s software that (as the name suggests) deals with the printing process. The problem is that the spooler doesn’t bother to verify whether a printer’s drivers are legitimate when a printer is plugged in, meaning that it’s possible for malicious types to slip their own nasty drivers onto the computer without raising any flags within Windows. Not only that, but it can infect any computers on the network and keep infecting machines as they discover the dodgy printer.
READ NEXT: Hospitals and national grid “will be hacked in 2016”
Microsoft has been very quick at
As threats go, this one is pretty limited given it needs an attacker to actually attach a printer to the network, which is hard to do stealthily, but forearmed is forewarned.
Images: gosheshe and Kevin Cortopassi used under Creative Commons
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
