This vulnerability in question is known as PrintNightmare and it was under constant exploit from malicious entities. When exploited, it allowed attackers to install software; view, alter, delete data; or even create new accounts with full user rights. However, user reports are indicating that the patch doesn’t really fix the entire issue. KB5004945 is a new security update that has been released for any Windows version newer than v2004. Users who have Windows 10 version 1909 will first get the KB5004946 patch, and then the PrintNightmare patch will also be installed.
The patch is available for multiple Windows versions
The above-mentioned security patch is now available for quite a few versions of Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2021 R2, Windows Server 2008, and Windows RT 8.1. If you are a Windows 7 user, this patch is also available for you, even though the operating system is out of support. The only OS versions for which this patch is currently unavailable are Windows 10 version 1607, Windows Server 2016, and Windows Server 2012, but Microsoft stated that they are working on it. This whole situation seems to be pretty serious, considering that the software is also addressed to Windows 7, this fact being an indicator of the severity of the problem. Even more, knowing the Windows 7 OS has been out of support ever since January 14, 2020. Information about this also circulated on social media, where security researchers said that Microsoft’s patch only addresses one element of the vulnerability. SPONSORED What’s disconcerting is that malicious third parties can still target these vulnerabilities. Word on the internet is that there are ways for people to completely bypass Microsoft’s patch and target vulnerable systems. — Hacker Fantastic (@hackerfantastic) July 6, 2021 This is achieved via remote code execution in addition to the previous local privilege execution. As you can see, Microsoft is taking this threat very seriously, so we think that you should too. So a RCE (and LPE) with #printnightmare on a fully patched server, with Point & Print enabled
https://t.co/Wzb5GAfWfd pic.twitter.com/HTDf004N7r — 🥝 Benjamin Delpy (@gentilkiwi) July 7, 2021
Update to Windows 10 Version 20H2 & 21H1
1. Open Windows Update
2. Perform the update
How can I fix the Print Spooler PrintNightmare without updating?
Even though it is not recommended that you follow this path, it might be useful in the case of some users, so here are the required steps to successfully stop the Print Spooler service: Performing these steps will ensure that Windows will firstly disable the corrupted service, and the second command will stop it from running at the startup of your system. If for any reason, you will want to revert these changes at some point, you can run the following commands:
To start the service again: Start-Service -Name Spooler To allow it to run at Windows startup: -Name Spooler -StartupType Automatic
Microsoft now urges users to install this security update and make the best efforts to keep their private content inaccessible to external sources. Online safety should be one of the first things on our minds, seeing how these threats can greatly impact individuals and companies alike. What extra security measures are you taking, to protect your data? Let us know in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
