Security News > 2021 > July > Did Microsoft Botch the PrintNightmare Patch?

Just days after shipping an emergency Windows update to cover a dangerous code execution flaw in the Print Spooler service, Microsoft is investigating a new set of claims that its so-called 'PrintNightmare' patch has not properly fixed the underlying vulnerability.

The company followed up with a blog post late Thursday insisting the emergency patch is "Working as designed" and "Effective against the known print spooling exploits."

"All reports we have investigated have relied on the changing of default registry settings related to Point and Print to an insecure configuration," the company said, referring to a Windows capability that allows a Windows client to create a connection to a remote printer without providing disks or other installation media.

The 'PrintNightmare' issue has been a self-inflicted thorn in Microsoft's side since the June Patch Tuesday when it misdiagnosed the severity of a Print Spooler flaw, only to update its guidance a few weeks later to confirm remote code execution vectors.

Print Spooler, turned on by default on Microsoft Windows, is an executable file that's responsible for managing all print jobs getting sent to the computer printer or print server.

The U.S. government's CISA cybersecurity agency is urging Windows fleet admins to disable the Windows Print spooler service in Domain Controllers and systems that do not print.

News URL

http://feedproxy.google.com/~r/securityweek/~3/PqEJjMi6APQ/did-microsoft-botch-printnightmare-patch