This post will be quick, if you haven’t heard about PrintNightmare take a look to this article: https://www.bleepingcomputer.com/news/security/public-windows-printnightmare-0-day-exploit-allows-domain-takeover/
In order to avoid some ransom in our companies, just disable the service Print Spoler on WIndows 10 and Windows Server environments.
In order to do that, just open a PS as an admin and run the following:
Stop-Service -Name Spooler -Force #prevent the service from starting again during restart Set-Service -Name Spooler -StartupType Disabled
That’s all! take care!