Security News > 2021 > August > Microsoft fixes Windows Print Spooler PrintNightmare vulnerability

Microsoft has fixed the PrintNightmare vulnerability in the Windows Print Spooler by requiring users to have administrative privileges when using the Point and Print feature to install printer drivers.

In June, a security researcher accidentally disclosed a zero-day Windows print spooler vulnerability dubbed PrintNightmare.

Researchers quickly found that it was possible to exploit the Point and Print feature to install malicious print drivers that allowed low-privileged users to gain SYSTEM privileges in Windows.

Point and Print is a Windows feature that allows users to connect to a print server, even a remote Internet-connected one, and automatically download and install the server's printer drivers.

"Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service."

Microsoft strongly recommends that users do not disable this change as it "Will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service".

News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-print-spooler-printnightmare-vulnerability/