CISA Warns To Disable Windows Print Spooler On Servers Not Used For Printing

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a notification regarding the critical PrintNightmare zero-day vulnerability and warned admins to disable the Windows Print Spooler service on servers not used for printing. "Additionally, administrators should employ the following best practice from Microsoft's how-to guides, published January 11, 2021," with those guides recommending the Print Spooler to be disabled on all the Domains Controllers and Active Directory admin systems via a Group Policy Object. To mitigate future attacks the feature is recommended to be disabled on all servers that don't require it. Read more...