The Computer Emergency Response Team Coordination Center (CERT/CC), part of the Software Engineering Institute at Carnegie Mellon University, this week reported a critical remote code execution vulnerability impacting the Windows Print Spooler service that allows a remote authenticated attacker to execute arbitrary code with system privileges on a vulnerable system. Until Microsoft fixes the PrintNightmare vulnerability, for which the exploit code is publicly available, the company advises customers to disable printing services where possible.
 
John Riggi, AHA's senior advisor for cybersecurity and risk, said, “This critical vulnerability has the potential to be highly disruptive for hospitals and health systems. Simply disabling print services in hospitals and health systems is not an option as we have already heard from multiple sources in the field. Printing services are used for everything from printing patient identification wristbands to labels for IV medications. Continuing essential patient care services must be balanced with the potential for remote exploitation of this vulnerability. We anxiously await further information and updated patches from Microsoft. The AHA has been in contact with multiple government agencies and will continue to closely monitor the situation and advise the field.”

For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

 

Related News Articles

Headline
The Cybersecurity and Infrastructure Security Agency, National Security Agency and international agencies Sept. 3 released joint guidance outlining a “software…
Headline
Chinese state-sponsored cyber actors are maliciously targeting networks globally, including telecommunications, government and others, according to a joint…
Headline
The FBI Aug. 20 released an advisory warning of malicious activity by Russian cyber actors targeting end-of-life devices running an unpatched vulnerability in…
Headline
The Cybersecurity and Infrastructure Security Agency, Environmental Protection Agency, National Security Agency, FBI and international agencies Aug. 13…
Headline
The Department of Justice Aug. 11 announced a series of actions taken against the BlackSuit ransomware group, also known as “Royal,” including the disruption…
Headline
The FBI, Cybersecurity and Infrastructure Security Agency and international agencies July 29 released a joint advisory on recent tactics by the Scattered…