Security News > 2021 > July > How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare
This week, PrintNightmare - Microsoft's Print Spooler vulnerability was upgraded from a 'Low' criticality to a 'Critical' criticality.
Print Spooler in a nutshell: Print Spooler is Microsoft's service for managing and monitoring files printing.
PrintNightmare vulnerability: As soon as an attacker gains limited user access to a network, he will be able to connect to the Print Spooler.
Your best option when it comes to mitigating the PrintNightmare vulnerability is to disable the Print Spooler on every server and/or sensitive workstation.
By changing 'Allow Print Spooler to accept client connections', you can restrict users' and drivers' access to the Print Spooler to groups that must use it.
There might be entries with error messages that indicate Print Spooler can't load plug-in module DLLs, although this can also happen if an attacker packaged a legitimate DLL that Print Spooler demands.