Advisory Notice - Critical Windows Vulnerability - Printnightmare

A critical windows vulnerability was announced in the Microsoft print spooler service and exploits are available in the wild.

This vulnerability allows an attacker with valid domain credentials to perform local privilege escalation and/or remote code execution on any host running the RPC/print spooler service. Print spooler service should be turned off on systems that do not require it and apply the Microsoft patch. In line with the Canadian Centre for Cyber Security and Microsoft consensus for navigating this situation, UIT has disabled the print spooler service on all domain-joined UIT managed windows servers and will remain disabled until further notice. UIT print servers are unavailable.

UIT is actively working to restore the print service as soon as it is safe to do so. Faculty IT Groups are strongly advised to take similar action.

More information is available from Microsoft: