Windows 10 Patch Tuesday updates address PrintNightmare vulnerability
Microsoft has fixed the Print Spooler vulnerability known as PrintNightmare. After a saga that includes a researcher accidentally disclosing a vulnerability, Microsoft issuing an emergency fix, and researchers finding a way around the fix, Microsoft has what is likely a final solution for the issue. Following the Windows 10 August 2021 Patch Tuesday security updates, the operating system will require people to have administrative privileges to install printer drivers with the Point and Print feature.
“Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks,” says Microsoft in a blog post.
Microsoft also explains that requiring higher privileges addresses the vulnerability:
Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of the security updates released on August 10, 2021 for all versions of Windows, and is documented as CVE-2021-34481.
When exploited, the PrintNightmare vulnerability allows users with low privileges to open a command prompt with SYSTEM privileges. This effectively gives people control over a device, creating security risks.
Organizations can change this new behavior to allow people without administrative privileges to be able to install printer drivers with Point and Print. Microsoft recommends against this, however, as “Disabling this mitigation will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service.”
We may earn a commission for purchases using our links. Learn more.
Review: Save money on cloud storage with the ASUSTOR AS1104T NAS
The ASUSTOR AS1104T is a great NAS enclosure that targets the home file storage market, allowing you to save money by canceling a cloud storage subscription. If you’d like to have greater control over your files from anywhere in the world, this enclosure is a good place to start.
Prepare for your next trip with the best travel routers
If you’re going on a trip, you need a portable travel router that not only provides a fast connection, but offers a few more uses as well. Here’s the travel routers that will make dealing with Wi-Fi on your tip a breeze.