Security News > 2021 > August > Microsoft Takes Another Stab at PrintNightmare Security Fix

After weeks of struggling to properly resolve security defects in the Windows Print Spooler utility, Microsoft is making a major default change to the way Windows interacts with the problematic Point and Print driver.

This move is meant to be a more comprehensive fix for dangerous security flaws publicly known as PrintNightmare that expose users to remote code execution and privilege escalation attacks.

"Our investigation into several vulnerabilities collectively referred to as"PrintNightmare" has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks," according to a statement from the Microsoft Security Response Center.

The default change takes effect with the installation of the August batch of security updates for all versions of Windows.

The PrintNightmare security problems first emerged in June this year when Microsoft misdiagnosed the severity of a vulnerability to confirm the risk of code execution attacks.

In July, Microsoft shipped an emergency patch to provide cover for Windows users but security experts soon discovered that the patch did not properly fix the underlying vulnerability.

News URL

http://feedproxy.google.com/~r/securityweek/~3/W0HC3NR1j_M/microsoft-takes-another-stab-printnightmare-security-fix