Important: Microsoft Security Bulletin MS16-087

Version 3

    Microsoft recently announced a patch for a critical security vulnerability in their Print Spooler service. This patch is available via Windows Update; more information is available here: https://technet.microsoft.com/library/security/MS16-087. It’s important that you perform this update as soon as possible.

     

    In addition to this important Windows patch, we’d like to remind our Uniprint customers that drivers are included in Pharos packages and are not downloaded from servers in the manner described in the security bulletin. Therefore, as long as printing is done via Pharos print servers (the typical configuration) then risk is minimized. The same applies to our Blueprint customers. As long as print jobs are sent to Pharos Blueprint servers, users would not be vulnerable to this exploit.

     

    However, the possibility still exists that in an unpatched environment, an attacker could implement a rogue print server on the network in such a way as to spoof a workstation client into thinking it’s connecting to a safe server.