What you need to know
- Microsoft claims that its patch for the PrintNightmare vulnerability works correctly.
- Several reports claim that there are ways around Microsoft's patch for the vulnerability.
- The company says that patch workarounds rely on default registry settings being changed to create an insecure configuration.
Microsoft recently released an emergency Windows patch to address a vulnerability known as PrintNightmare. The issue was serious enough to warrant a patch on several versions of Windows, including Windows 7, which is out of support. The patch was supposed to address security vulnerabilities, but reports claim there are workarounds.
When exploited, the vulnerability allows attackers to "install programs; view, change, or delete data; or create new accounts with full user rights," according to Microsoft.
In response to claims of the patch being ineffective, Microsoft investigated the workarounds. According to the company, the patch works as designed and is only ineffective when default registry settings have been changed:
Microsoft recommends that people take the following steps:
- In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings
- After applying the security update, review the registry settings documented in the CVE-2021-34527 advisory
- If the registry keys documented do not exist, no further action is required
- If the registry keys documented exist, in order to secure your system, you must confirm that the following registry keys are set to 0 (zero) or are not present:
- HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
- NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
- UpdatePromptSettings = 0 (DWORD) or not defined (default setting)
Microsoft has a support document (opens in new tab) that goes into the technical specifics of the issue. We also have a guide on how to mitigate the PrintNightmare vulnerability on Windows 10. We update our guide on the issue as more information comes in.
Sean Endicott is the news writer for Windows Central. If it runs Windows, is made by Microsoft, or has anything to do with either, he's on it. Sean's been with Windows Central since 2017 and is also our resident app expert. If you have a news tip or an app to review, hit him up at firstname.lastname@example.org.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.