Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET! Learn What IT Pros Need to Know About Windows 11 - August 24th at 1 PM ET!
Windows Client OS|Windows Server

Microsoft Releases Emergency Update to Patch PrintNightmare Vulnerability

Microsoft has released an out-of-band patch that will plug up a hole in a known zero-day exploit. Known as PrintNightmare, the patch is now being released via Windows Update.

At the heart of the issue is a remote code vulnerability that would allow an attacker to use Windows Print Spooler to perform privileged file operations. An attacker who successfully exploited this vulnerability would be able to view, change, or delete data; or create new accounts with full user rights.

The patch released today is KB5004945 which is linked to CVE-2021-34527 and is known to be actively exploited by malicious agents. Meaning, you need to patch your system as soon as possible to make sure your environment is not left exposed.

Microsoft notes in their release that after you install the patch, all users are either administrators or non-administrators, delegates will no longer be honored.

Sponsored Content

Read the Best Personal and Business Tech without Ads

Staying updated on what is happening in the technology sector is important to your career and your personal life but ads can make reading news, distracting. With Thurrott Premium, you can enjoy the best coverage in tech without the annoying ads.

At this time, there are patches for Windows 10, Windows 8.1, Windows 7, Windows Server 2008 SP2, Windows Server 2012 – Microsoft is closing this vulnerability to software that is also no longer officially supported by the company.

If you find that you are not able to install these updates, there are mitigations available. The company says that to address the PrintNightmare vulnerability, you can disable Print Spooler service to remove printing capability locally and remotely or you can disable inbound remote printing through Group Policy as a means to protect your environment.

It’s rare for Microsoft to release an out-of-band patch that goes to show the severity of this vulnerability. If you have not already taken steps to close the door on this vulnerability, it’s imperative that you either mitigate the exposure or install the patch once verified that it would not disrupt your environment.

 

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (0)

Leave a Reply

Brad Sams has more than a decade of writing and publishing experience under his belt including helping to establish new and seasoned publications From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand was birthed in his book, Beneath a Surface, Brad is a well-rounded journalist who has established himself as a trusted name in the industry.