Microsoft finally puts an end to Windows 10 PrintNightmare vulnerability

News
By Sean Endicott
last updated

To address security concerns, Windows will now require users to have administrative privileges to install printer drivers with Point and Print.

Microsoft
Microsoft (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • Microsoft fixed the Windows Print Spooler vulnerability known as PrintNightmare.
  • People now need to have administrative privileges when using the Point and Print feature to install printer drivers.
  • The change in required privileges comes as part of the Windows 10 August 2021 Patch Tuesday security updates.

Updated August 12, 2021 at 12:15 PM EST: Another PrintNightmare vulnerability has been discovered. The original article follows.

Microsoft has fixed the Print Spooler vulnerability known as PrintNightmare. After a saga that includes a researcher accidentally disclosing a vulnerability, Microsoft issuing an emergency fix, and researchers finding a way around the fix, Microsoft has what is likely a final solution for the issue. Following the Windows 10 August 2021 Patch Tuesday security updates, the operating system will require people to have administrative privileges to install printer drivers with the Point and Print feature.

"Our investigation into several vulnerabilities collectively referred to as "PrintNightmare" has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks," says Microsoft in a blog post.

Microsoft also explains that requiring higher privileges addresses the vulnerability:

Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of the security updates released on August 10, 2021 for all versions of Windows, and is documented as CVE-2021-34481.

When exploited, the PrintNightmare vulnerability allows users with low privileges to open a command prompt with SYSTEM privileges. This effectively gives people control over a device, creating security risks.

Organizations can change this new behavior to allow people without administrative privileges to be able to install printer drivers with Point and Print. Microsoft recommends against this, however, as "Disabling this mitigation will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service."

Sean Endicott
Sean Endicott
News Writer and apps editor

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at sean.endicott@futurenet.com.