Skip Navigation

July 9, 2021 |

Microsoft releases partial fix for the Windows print spooler flaw

Loading table of contents...

On 6 July 2021, Microsoft released a partial fix to mitigate the risks of remote exploitation for the vulnerability in the Windows Print Spooler service, tracked as CVE-2021-34527, commonly known as PrintNightmare. We recommend applying the updates and mitigations for all affected systems immediately, and ensuring Microsoft's recent guidance for additional actions, referenced below, is followed.

Details

  • Multiple versions of proof-of-concept (POC) code are now circulating with various exploitations of this flaw. Some of the POCs demonstrated that remote execution is possible on fully-patched systems when Point and Print configuration is enabled, requiring additional actions beyond patching.
  • Microsoft has provided additional mitigation steps to prevent exploitation when the patches have been applied.
  • Microsoft previously reported that threat actors are already taking advantage of this flaw, making it a critical risk for impacted systems.

Recommendations

  • We recommend following the Microsoft update guide and applying the latest update as soon as possible.
  • Restrict installation of new printer drivers after applying these updates.
  • Once patched, ensure that the Point and Print issue is mitigated as per Microsoft recommendations.
  • If you are unable to install these updates, we recommend applying the mitigation measures in the FAQ and Workaround sections of the Microsoft update guide to help protect your system.

References