20-year-old Print Spooler flaw exposes all Windows versions to malware


Posts: 3,073   +97

Researchers at Vectra Networks have discovered a roughly 20-year-old flaw in Windows Print Spooler that could allow an attacker to gain system-level control over a PC via infected or fake printer drivers. The vulnerability is said to affect all Windows versions but if you are using Vista or later, Microsoft already addressed the bug on the latest Patch Tuesday.

That attack is possible due to a feature in Windows that allows people who are connecting to a network-hosted printer for the first time to automatically download the necessary driver immediately before using it. Because the Windows Print Spooler doesn't properly authenticate print drivers when installing them from remote locations, attackers can use several different techniques to deliver modified drivers and use a printer, printer server, or potentially any network-connected device posing as a printer to infect machines whenever they connect.

The exploit works on Windows versions dating back to Windows 95, which Microsoft stopped supporting years ago. This also means that millions of old XP PCs are vulnerable too.

Vectra disclosed this vulnerability to Microsoft in April 2016 and worked with the company on a patch. According to the Security Bulletin MS16-087, Microsoft addressed this vulnerability by correcting how the Windows Print Spooler Service writes to the file system and by issuing ‘warnings’ when someone attempts to install unfamiliar print drivers. Knowing how most users respond to warnings, however, some security experts don’t see this like an effective approach.

This months collection of patches address over 52 vulnerabilities in total, packaged into 11 bulletins, six of them rated as critical and the remaining patches rated as important. None of the vulnerabilities addressed in the bulletin have known zero-day exploits.

Permalink to story.



Posts: 837   +441
USB thumb drives.
Flash players.
Image files.
Plug ins.

... and now Print Spoolers.

The AV/Malware protection profiteers love this news !

Raoul Duke

Microsoft executives view of the Windows 10 user:

Actual photo of Windows 10 user experience:


Posts: 351   +173
This isn't new that printers have malware flaws that cause issues, if directly connected or over a network.

The problem is easily solved... printers must die. Discuss...

Inks pricier than gold even more so now that brands drm cartridges with chips. And they always have connection issues. Never want to print... they never work, they just sit their idly like a Mexican... (I jest, I watched too much south park).

Can you imagine if printers had to have built in AV and Malware software and firewalls to hinder connecting to them even more. Maybe some do I've just never seen one. But it's crazy to think how useless these things really are...

Let's save trees by living in them not cutting them down fellow hippies. Death to the printer


Posts: 2,648   +1,807
I just replaced a fuser on an M451dn and it wasn't even a year old. Fun little job.
Our HP 401n/402n's replacement fusers cost as much as the damn printer does new.
Legal thieves.


Posts: 5,464   +6,148
Great, this goes perfect with Microsoft's newly subscription based windows enterprise. If a network hack from 10 years ago hasn't been fixed I'm sure you'll love your new cloud based operating system!
Last edited:


Posts: 3,494   +4,182
Microsoft executives view of the Windows 10 user:

Actual photo of Windows 10 user experience:

I see you've figured out which half of the population their marketing to (well, not counting trannies, of course). I guess Microsoft thinks only women are dumb enough to try and use their PC like a phone.


Posts: 619   +92
But this would have only caused a potential issue if you decided to install drivers from third party websites. So it would have only been numpties that got infected anyways so whats the problem?