Last week, a new Windows security vulnerability, called PrintNightmare, that uses printing services to gain administrative access to PCs was reported. Yesterday, Microsoft provided a patch for this vulnerability which has been deployed to University-owned computers.
PrintNightmare, if exploited, could take advantage of the Print Spooler service on most SMU-managed Windows PCs to gain admin access to the device. The Update removes the remote code execution exploit in the Windows Print Spooler service and, as an added benefit, removes the outdated Adobe Flash from the computer. Once deployed, users will be prompted by Ivanti to reboot the computer to finish the install. Please do so at your easiest convenience.
As a reminder, printing is always available using the print-by-email feature provided by PaperCut. Information on PaperCut printer locations and how to use print-by-email is available at smu.edu/printing.
If you have any questions, please contact the IT Help Desk at 214-768-HELP or help@smu.edu.
More information about PrintNightmare, Critical Windows Print Spooler Vulnerability, can be found on the Cybersecurity and Infrastructure Security Agency (CISA) website at https://us-cert.cisa.gov/ncas/current-activity/2021/06/30/printnightmare-critical-windows-print-spooler-vulnerability.
