This crucial Windows update finally fixes the PrintNightmare vulnerability

By Arif Bacchus Published August 10, 2021

Microsoft has issued a new security patch for the issues surrounding the PrintNightmare vulnerability in Windows. This time around, Microsoft is changing the default Point and Print driver installation and update behavior to require administrator privileges.

According to Microsoft, this latest change comes because the company believed the default behavior of Point and Print did not provide its customers with “the level of security required to protect against potential attacks.” This basically addresses the issue from early August where a cybersecurity researcher managed to exploit the Windows Print Spooler and gain administrative privileges in Windows by using a custom print server.

A printer sitting on a desk next to coins. — Image used with permission by copyright holder

The change will take effect with the latest security updates released for all versions of Windows as part of what’s known as “Patch Tuesday.” On Windows 10 version 21H1 (The May 2021 Update,) and the two more recent versions of Windows 10, you can head to Windows settings, click Update and Security, followed by Check for Updates. You can then look for KB5005033 in the list to apply the patch (and then this change) to your machine. Your PC will restart as part of the process.

Recommended Videos

“The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service,” said Microsoft.

After installing this patch, the ability for non-elevated users to add or update printers might be impacted. Microsoft says that the security risks of PrintNightmare justify this change. If you still want non-elevated users to add or update printers to add or update printers, you can do so with a registry key. This, however, is not recommended as it will expose your PC to publicly known vulnerabilities in the Windows Print Spooler service.

PrintNightmare has been a tricky issue for Microsoft to fix. Since the vulnerabilities in the Windows Print Spooler service were first discovered back in July, Microsoft issued one big patch which it said addressed the issue. Security Researchers then dug deeper into the patch and exposed two other flaws beyond what Microsoft had already fixed.

To ensure that you’re protected against PrintNightmare, Microsoft urges you to update your PC as soon as possible. If you have automatic updates turned on, you’re automatically protected and won’t have any issues.

Topics

Former Digital Trends Contributor

Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…

Computing

This optional Windows 11 update is totally worth installing

Windows Update running on a laptop.

Your Windows 11 computer is about to get even better, thanks to the latest KB5041587 update. As Microsoft mentioned in a support page post, this update makes Android file sharing easier, fixes bugs in File Explorer, and adds performance tweaks to Windows Narrator and the voice access feature.

The new update allows you to share files more quickly with your Android device using the Microsoft Phone Link app. You'll need to install the app on your Android device and your Windows 11 computer and go through the setup process, which includes giving quite a few permissions. When sharing from your PC, choose the Phone Link as the destination app, and when sharing from your Android device, select the link for the Windows app as your sharing option.

Computing

There’s a scary new way to undo Windows security patches

Security patches for Windows are essential for keeping your PC safe from developing threats. But downgrade attacks are a way of sidestepping Microsoft's patches, and a security researcher set out to show just how fatal these can be.

SafeBreach security researcher Alon Leviev mentioned in a company blog post that they'd created something called the Windows Downdate tool as a proof-of concept. The tool crafts persistent and irreversible downgrades on Windows Server systems and Windows 10 and 11 components.

Computing

I really hope this potential change to Windows updates is true

Windows 11 updates are moving to once a year.

Windows updates have always required a restart to your PC, which is a hassle. However, Microsoft may use hot-patching to make it easier for PCs with Windows 11 24H2 to apply updates without having to reboot their computers.

A support page mentioning the change was first spotted by PhantomOcean 3 in a post on X (formerly Twitter) before the software giant took down the page.