PrintNightmare Patch Available
By the end of June, security researchers were actively discussing a vulnerability in the Windows Print Spooler service, which they dubbed PrintNightmare.
PrintNightmare is considered extremely dangerous for two main reasons. First, the Windows Print Spooler being enabled by default on all Windows-based systems, including domain controllers (servers) and computers with system admin privileges, makes all such computers vulnerable.
On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows.
As of July 7th (yesterday), Microsoft has released patches for a number of different Windows versions to protect against PrintNightmare (CVE-2021-34527)
| Affected Version | Knowledge Base Article | Patch |
|---|---|---|
| Windows 7 for 32-bit systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) |
5004953 | Monthly Rollup |
|
Windows 7 for 32-bit systems Service Pack 1 |
5004951 | Security Only |
| Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) |
5004954 | Monthly Rollup |
| Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) |
5004958 | Security Only |
| Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) |
5004955 | Monthly Rollup |
| Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) |
5004959 | Security Only |
| Windows 10 for 32-bit Systems Windows 10 for x64-based Systems |
5004950 | Security Update |
| Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) |
5004945 | Security Update |
| Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems |
5004946 | Security Update |
| Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) |
5004947 | Security Update |
| Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) |
5004948 | Security Update |
| Windows RT 8.1 | 5004954 | Unavailable |
Microsoft Security Response Center released a blog post to announce that the cumulative patch released for CVE-2021-34527 also includes a new feature that provides users with the ability to allow non-administrative users to only install signed printer drivers which are trusted by “the installed root certificates in the system’s Trusted Root Certification Authorities”. More information on these enhanced security controls can be found in Microsoft KB5005010.
Additionally, all servers and computers need reliable endpoint security that can prevent exploitation attempts!
If you currently subscribe to our managed services platform which inclutes patch management, we have already marked these critical patches for approval and they should automatically install for you!
If you or your team needs assistance patching against PrintNightmare, please contact us and we will be able to assist!
