Warning from Microsoft & Warning about the warning

Ahem, here we go again. Microsoft has published a call for users of all Windows versions from Windows 7 to Windows 10 to allow a new set of security updates that correct a vulnerability in their (Microsoft’s) print spooler service. A third party spotted the vulnerability and then published it, along with why they found it to be a serious problem, and Microsoft claims that this has led them to make this plea to users.

How serious is this vulnerability? Folks who have not installed HP printers on their system, and thus have the original form of the print spooler, may have this vulnerability, which can allow a remote agent to authenticate code as being from a supervisor account and initiate its execution (a hacker’s dream situation). So far, none of the mainstream anti-malware and anti-virus packages (Norton, McAfee, Eset, Avast, and more) provide protection against this kind of assault, but a few products (Sophos and Malwarebytes, for instance) do by design, because they do not look only for specific behavior or content but also for activity, propensity, and links + paths in addition to the standard methods of protection.

This event caught my attention because a couple of watchdog services and magazines flagged these updates as buggy or potentially problematic. If you happen to have a printer that uses special features in the driver (HP, Brother, Kyocera, and a few others), these security updates could disable printing, some features of printing, or possibly even the normal boot sequence for your system or server. Yet another third party claims to have released a set of tools for correcting the bugs in the security updates, but I have seen no evidence of the efficacy or safety of those tools thus far.

A second issue is that Microsoft has long since removed the option for users to pick and choose security updates of this level of importance, so they are likely to install with no notice to the user and no opportunity to avoid them. We will know the updates have been installed when something goes wrong, after it is too late to do anything about them.