Microsoft finally puts an end to Windows 10 PrintNightmare vulnerability

News
By
last updated

To address security concerns, Windows will now require users to have administrative privileges to install printer drivers with Point and Print.

Microsoft
Microsoft (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • Microsoft fixed the Windows Print Spooler vulnerability known as PrintNightmare.
  • People now need to have administrative privileges when using the Point and Print feature to install printer drivers.
  • The change in required privileges comes as part of the Windows 10 August 2021 Patch Tuesday security updates.

Updated August 12, 2021 at 12:15 PM EST: Another PrintNightmare vulnerability has been discovered. The original article follows.

Microsoft has fixed the Print Spooler vulnerability known as PrintNightmare. After a saga that includes a researcher accidentally disclosing a vulnerability, Microsoft issuing an emergency fix, and researchers finding a way around the fix, Microsoft has what is likely a final solution for the issue. Following the Windows 10 August 2021 Patch Tuesday security updates, the operating system will require people to have administrative privileges to install printer drivers with the Point and Print feature.

"Our investigation into several vulnerabilities collectively referred to as "PrintNightmare" has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks," says Microsoft in a blog post.

Microsoft also explains that requiring higher privileges addresses the vulnerability:

Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of the security updates released on August 10, 2021 for all versions of Windows, and is documented as CVE-2021-34481.

When exploited, the PrintNightmare vulnerability allows users with low privileges to open a command prompt with SYSTEM privileges. This effectively gives people control over a device, creating security risks.

Organizations can change this new behavior to allow people without administrative privileges to be able to install printer drivers with Point and Print. Microsoft recommends against this, however, as "Disabling this mitigation will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service."

Sean Endicott
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.