Microsoft has issued a fix for a critical bug dubbed PrintNightmare.
It says, hackers are using the bug, accidentally disclosed by researchers.
It can help them “install programs; view, change, or delete data; or create new accounts with full user rights” remotely on all versions of Windows.
It affects the Windows Print Spooler, software that manages printing, controlling the order in which print jobs from computers in an office are put in a queue, for example.
Max Heinemeyer, of computer security firm Darktrace, told the BBC PrintNightmare was like, “a cyber bazooka – it is relatively easy for criminals to use and can be leveraged to make a huge impact”.
He praised Microsoft for responding quickly and offering fixes, “even for products no longer under official support”.
The fix, a patch, is available for systems as far back as Windows 7.
Updates are not yet available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012 but would be “soon”, Microsoft says.
But The Register noted: “The first two versions mentioned are five years old and could well be quite widely used.”