Forum Discussion
PrintNightmare for administrators: Trying to sum up the current knowledge for decision-making:
Hi guys, I wrote this blog post in the hope of making it possible to make decisions on how to mitigate PrintNightmare, while waiting for an official patch from Microsoft. I hope it's useful 🙂 htt...
Emergency Out-of-Band patches for #PrintNightmare are finally being rolled out.
But note:
1: Not all supported Windows versions have a patch yet, but they will come soon.
2: Currently, the fix only protects against Remote Code Execution, not against the Local Privilege Escalation bug.
So, keep Print Spooler disabled on all systems, that doesn't need it.
And keep the Group Policy:
Computer Configuration\Administrative Templates\Printers\Allow Print Spooler to accept client connections - Setting: Disabled
On systems that don't have to function as a print server.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
But note:
1: Not all supported Windows versions have a patch yet, but they will come soon.
2: Currently, the fix only protects against Remote Code Execution, not against the Local Privilege Escalation bug.
So, keep Print Spooler disabled on all systems, that doesn't need it.
And keep the Group Policy:
Computer Configuration\Administrative Templates\Printers\Allow Print Spooler to accept client connections - Setting: Disabled
On systems that don't have to function as a print server.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527