Windows 10 PrintNightmare Nightmare Isn’t Over The nightmare that Microsoft has been living with for years is finally over. The company has finally released a fix for thePrint Nightmare issue that was causing users to experience problems with their printers. The new fix, which is available now, resolves the issue of people not being able to print from their devices. It also includes a number of other fixes and improvements. Microsoft has been working on this fix for months, and it is finally available to users. It is a long process, but it is worth it in the end. The company has been plagued by thePrint Nightmare issue for years, and this new fix will hopefully end the problem once and for all.
New PrintNightmare Vulnerability
The new zero-day print spooler vulnerability has been discovered. It’s being tracked as CVE-2021-36958, and it appears to allow hackers to gain SYSTEM access privileges on a Windows PC.
Like previous exploits, this one attacks settings for the Windows print spooler, Windows print drivers, and Windows Point and Print.
The exploit was first spotted by Benjamin Delpy (via Bleeping Computer), and it allows threat actors to get SYSTEM access by connecting to a remote print server. Microsoft later confirmed the issues, saying, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.”
As far as what someone can do if they exploit this vulnerability, Microsoft says, “An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
How Can You Protect Yourself?
Unfortunately, we’ll have to wait until Microsoft issues a patch to fix this new vulnerability. In the meantime, you can disable the Print Spooler or only allow your device to install printers from authorized servers.
To enable the latter, you’ll need to go to edit the group policy on your PC. To do so, launch gpedit.msc, then click “User Configuration.” Next, click on “Administrative Templates,” followed by “Control Panel.” Finally, go to “Printers” and click “Package Point and Print — Approved Servers.”
Once you get to the Package Point and Print — Approved Servers, enter the list of servers you wish to allow to use as a print server or make one up, and then press OK to enable the policy. It’s not a perfect solution, but it’ll help protect you unless the threat actor can take over an authorized print server with malicious drivers.