Forum Discussion
mramaley
Sep 15, 2021Copper Contributor
Unable to Print after installing 2021-09 Cumulative Update (KB5005573)
Anyone else having user print issues after installing this update on a Windows Server 2016 Standard? We can send jobs to the spooler just fine from the server itself, but a user submitted job is just...
ajc196
Oct 14, 2021Steel Contributor
So anyone that simply removed September's updates from their server to fix this will see the same thing with any subsequent month's updates as well. This is due to changes Microsoft announced and later enforced in regards to RPC authentication to address a print spooler spoofing vulnerability. (Note that this is a separate issue from the Point & Print admin elevation requirement caused by PrintNightmare mitigations)
https://support.microsoft.com/en-us/topic/managing-deployment-of-printer-rpc-binding-changes-for-cve-2021-1678-kb4599464-12a69652-30b9-3d61-d9f7-7201623a8b25
https://borncity.com/win/2021/09/20/windows-september-2021-update-workaround-fr-druckprobleme
Disabling enforcement of these RPC auth level changes will make printing work again, i.e. not silently fail.
That said, I've found no documentation or guidance that outlines **why** specifically this RPC auth level enforcement breaks things, and what needs to be accommodated or made different in our environments to not need this workaround.
https://support.microsoft.com/en-us/topic/managing-deployment-of-printer-rpc-binding-changes-for-cve-2021-1678-kb4599464-12a69652-30b9-3d61-d9f7-7201623a8b25
https://borncity.com/win/2021/09/20/windows-september-2021-update-workaround-fr-druckprobleme
Disabling enforcement of these RPC auth level changes will make printing work again, i.e. not silently fail.
That said, I've found no documentation or guidance that outlines **why** specifically this RPC auth level enforcement breaks things, and what needs to be accommodated or made different in our environments to not need this workaround.