Microsoft, Michigan discussed on Security Now
You're able to you know they've sort of tried to to to keep people running with minimal privileges while not inconveniencing people who occasionally need to install a program for example anyway. The bad news is what microsoft did failed to resolve the other trouble which was the remote code execution vulnerability. They you know they did something toward limiting privileges but not keeping random code from being provided remotely and running so as we also explained last week it turns out that over the years while windows was quietly requiring the prince buhler service to always be running it was also adding some fancy new on the fly printer driver installation options and there in lies the problem. And it's actually a problem. That microsoft is now saying we're not going to be fixing that but we'll get to that in a second in a big networked office environment. What happens if your locals wind your local windows client. You know the machine that you're perched in front of doesn't currently contain a driver for some printer in another on campus building for example to which you've been told to send something so wouldn't it be slick apparently thought microsoft if windows could see that it's michigan needed driver for that printer. Go find it somewhere. Typically from the printer server that is trying to access have it installed like a tottenham asli into your local machine for you to then print through that now present driver to a remote printer that need you to have that driver in order for you to to it without all like having had this all happened. The background in this case in answer to are often posted rhetorical question. What could possibly go wrong. We learn that bad guys have figured out how to trick windows into downloading their mel there by disguising it as a printer driver and saying to windows the equivalent of ono. We need this printer. Driver now microsoft describes this capability which was added like way back in windows two thousand as point and and so in their description of point imprint. They say point in print is a term that refers to the capability of allowing a user on a windows. Two thousand and later client is still here today with us to create a connection to a remote printer without providing disks or other installation media. Of course the south of this was written back in windows two thousand what actually had disc or installation media like. Oh it's in the box. Oh i have a box so anyway. They said all necessary files and configuration. Information are automatically downloaded from the print server to the client. Isn't that handy. they said. Point and print technology provides two methods. By which you can specify files that should be sent from the printer. Server to the client machine files could be associated with a printer driver. These files are associated with every print queue that uses the driver or.