Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Releases Emergency Update to Patch PrintNightmare Vulnerability

Microsoft has released an out-of-band patch that will plug up a hole in a known zero-day exploit. Known as PrintNightmare, the patch is now being released via Windows Update.

At the heart of the issue is a remote code vulnerability that would allow an attacker to use Windows Print Spooler to perform privileged file operations. An attacker who successfully exploited this vulnerability would be able to view, change, or delete data; or create new accounts with full user rights.

The patch released today is KB5004945 which is linked to CVE-2021-34527 and is known to be actively exploited by malicious agents. Meaning, you need to patch your system as soon as possible to make sure your environment is not left exposed.

Microsoft notes in their release that after you install the patch, all users are either administrators or non-administrators, delegates will no longer be honored.

At this time, there are patches for Windows 10, Windows 8.1, Windows 7, Windows Server 2008 SP2, Windows Server 2012 – Microsoft is closing this vulnerability to software that is also no longer officially supported by the company.

If you find that you are not able to install these updates, there are mitigations available. The company says that to address the PrintNightmare vulnerability, you can disable Print Spooler service to remove printing capability locally and remotely or you can disable inbound remote printing through Group Policy as a means to protect your environment.

It’s rare for Microsoft to release an out-of-band patch that goes to show the severity of this vulnerability. If you have not already taken steps to close the door on this vulnerability, it’s imperative that you either mitigate the exposure or install the patch once verified that it would not disrupt your environment.

by Brad Sams
Jul 6, 2021

Brad Sams has more than a decade of writing and publishing experience under his belt including helping to establish new and seasoned publications From breaking news about upcoming Microsoft products to telling the story of how a billion dollar brand ...

What is a Roaming User Profile on Windows?

Sep 1, 2023
Oct 24, 2023
Microsoft Releases June 2023 Patch Tuesday Updates

Jun 13, 2023
Microsoft to Release Windows 11 LTSC in the Second Half of 2024

Apr 28, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.