Update: 8/12/2021: It turns out, there’s a new PrintNightmare vulnerability, so this situation isn’t over just yet.
The PrintNightmare vulnerability has been a serious problem for Microsoft to deal with, but the company may finally have the situation under control thanks to a new Windows update that it just announced on the Microsoft Security Response Center.
How Did Microsoft Fix The PrintNightmare Issue?
Microsoft says that it managed to change the default behavior of Point and Print to make it more secure. Now, the Point and Print driver installation and update behavior will require administrator privileges, which should prevent the exploit to the Windows Print Spooler that could be used by malicious individuals to gain administrative privileges in Windows.
An individual was able to use a custom print server to gain access through this exploit. However, with this update, Microsoft says that it can “mitigate the publicly documented vulnerabilities in the Windows Print Spooler service.”
Unfortunately, there is a drawback, as non-elevated users may have difficulty adding or updating printers. Microsoft feels that the security risks caused by PrintNightmare are worth the tradeoff, though.
If you really want to let non-elevated users add printers, you can follow the instructions in this Microsoft Support article to disable this mitigation with a registry key. However, doing so will expose you to this known vulnerability and isn’t recommended.
How to Get The Update
If you have automatic Windows updates on, then you shouldn’t have to do anything.
For those who don’t have the feature turned on, you’ll need to update Windows manually. To do so, click “Update and Security” and then click “Check for Updates.” Next, look for version KB5005033 to apply the patch and ensure your computer is protected from this critical vulnerability. Your computer should restart automatically during the process, and you’ll be good to go.
Originally posted 2022-11-10 06:51:43.