Microsoft says its patch for PrintNightmare works, despite claims of workarounds

Microsoft logo at Ignite
Microsoft logo at Ignite (Image credit: Windows Central)

What you need to know

  • Microsoft claims that its patch for the PrintNightmare vulnerability works correctly.
  • Several reports claim that there are ways around Microsoft's patch for the vulnerability.
  • The company says that patch workarounds rely on default registry settings being changed to create an insecure configuration.

Microsoft recently released an emergency Windows patch to address a vulnerability known as PrintNightmare. The issue was serious enough to warrant a patch on several versions of Windows, including Windows 7, which is out of support. The patch was supposed to address security vulnerabilities, but reports claim there are workarounds.

When exploited, the vulnerability allows attackers to "install programs; view, change, or delete data; or create new accounts with full user rights," according to Microsoft.

In response to claims of the patch being ineffective, Microsoft investigated the workarounds. According to the company, the patch works as designed and is only ineffective when default registry settings have been changed:

Latest Videos From

Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.

Microsoft recommends that people take the following steps:

  • In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings
  • After applying the security update, review the registry settings documented in the CVE-2021-34527 advisory
  • If the registry keys documented do not exist, no further action is required
  • If the registry keys documented exist, in order to secure your system, you must confirm that the following registry keys are set to 0 (zero) or are not present:
  • HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
  • NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)
  • UpdatePromptSettings = 0 (DWORD) or not defined (default setting)

Microsoft has a support document that goes into the technical specifics of the issue. We also have a guide on how to mitigate the PrintNightmare vulnerability on Windows 10. We update our guide on the issue as more information comes in.

Sean Endicott
News Writer

Sean Endicott is a News Writer at Windows Central, where he covers Windows 11, Surface hardware, Microsoft 365, AI, apps, and the broader PC ecosystem. Since joining the site in 2017, he has written well over a thousand articles across the Microsoft landscape, covering breaking news, analysis, and feature reporting.

He writes Windows Wrap, a weekly column covering the biggest stories in Windows and the PC industry, and what they mean for the platform going forward.

Before joining Windows Central full-time, Sean worked in journalism and media production after earning a First Class degree in Broadcast Journalism from Nottingham Trent University. Outside of tech, he is an award-winning American football coach based in Nottingham, England, and was named BAFCA Youth Coach of the Year in 2024.