PrintNightmare Vulnerability - Status Question


  1. Posts : 47
    Windows 10
       #1

    PrintNightmare Vulnerability - Status Question


    Has this been addressed? Do I still need to keep print spooler disabled? Yes or No.

    I've searched for a definite answer and have not been able to find one. I know there was an initial fix, but then heard that another vulnerability was discovered and that Microsoft was in process of fixing that vulnerability. I cannot find anything about the status of the 2nd vulnerability and don't see any fix in my update history.

    Really a pain keeping print spooler off. Not only is it making printing a chore (either turn print spooler on temporarily or send data to my ipad and print from that), but it also impacts my ability to save files as PDF.

    Help! Fixed or not? Yes or no?
      My Computer

  2. Ghot's Avatar
    Posts : 12,342
    Win 10 Home 10.0.19044.1237 (x64) [21H2]
       #2

    Tomel said:
    Has this been addressed? Do I still need to keep print spooler disabled? Yes or No.

    I've searched for a definite answer and have not been able to find one. I know there was an initial fix, but then heard that another vulnerability was discovered and that Microsoft was in process of fixing that vulnerability. I cannot find anything about the status of the 2nd vulnerability and don't see any fix in my update history.

    Really a pain keeping print spooler off. Not only is it making printing a chore (either turn print spooler on temporarily or send data to my ipad and print from that), but it also impacts my ability to save files as PDF.

    Help! Fixed or not? Yes or no?

    I believe MS is still working on it.

    A lot depends on exactly what version of Windows 10, you are on... in the Taskbar search box type: Winver and post a screenshot of the window that opens.


    Microsoft: PrintNightmare now patched on all Windows versions

    https://support.microsoft.com/en-us/...a-183b129578a7


    /edit

    I wouldn't just believe the title, I would read the articles, carefully.
    Last edited by Ghot; 28 Jul 2021 at 15:07.
      My Computer


  3. Posts : 47
    Windows 10
    Thread Starter
       #3

    Thanks for the links. I reviewed these and various additional links included in these articles and am still uncertain about status of fixes (fixes plural).

    Since I have Windows 10 Home Version 21H1 (OS Build 19043.1110) it appears that KB5004945 available on July 6 addressed the original vulnerability CVE-2021-34527. However, I can't seem to find anything on the additional vulnerability mentioned in a number of places. Following is a paraphrased excerpt from one of those sources:

    "Microsoft released KB5004945 emergency update . . . however . . . patch is incomplete . . . vulnerability can still be locally exploited. . ."


    Microsoft was presumably addressing this additional vulnerability. However, I can't find anything recent on this subject or any further reference to Microsoft working to resolve the issue. It just seems to have gone away. Or am I missing something in my web searches. Maybe I don't have to be concerned since it states the vulnerability still exists "locally" which appears to indicate that they would have to have physical access to my systems..
      My Computer

  4. Ghot's Avatar
    Posts : 12,342
    Win 10 Home 10.0.19044.1237 (x64) [21H2]
       #4

    Tomel said:
    Thanks for the links. I reviewed these and various additional links included in these articles and am still uncertain about status of fixes (fixes plural).

    Since I have Windows 10 Home Version 21H1 (OS Build 19043.1110) it appears that KB5004945 available on July 6 addressed the original vulnerability CVE-2021-34527. However, I can't seem to find anything on the additional vulnerability mentioned in a number of places. Following is a paraphrased excerpt from one of those sources:

    "Microsoft released KB5004945 emergency update . . . however . . . patch is incomplete . . . vulnerability can still be locally exploited. . ."


    Microsoft was presumably addressing this additional vulnerability. However, I can't find anything recent on this subject or any further reference to Microsoft working to resolve the issue. It just seems to have gone away. Or am I missing something in my web searches. Maybe I don't have to be concerned since it states the vulnerability still exists "locally" which appears to indicate that they would have to have physical access to my systems..


    If you check the Microsoft link up above, where it says: Resolution

    That will tell you how to check if you still have to worry about Print Nightmare.


    Mainly... go to this registry key...

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint

    And see if these are true...

    NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)

    UpdatePromptSettings = 0 (DWORD) or not defined (default setting)


    I checked my registry, but I don't have those settings....I assume because I have no printer(s).
      My Computer


  5. Posts : 47
    Windows 10
    Thread Starter
       #5

    I should have mentioned in my last post that I did follow the link shown in the articles. However, under the Windows NT register branch, the only two choices are \Terminal Services\Client and \Windows File Protection. The \Printers\PointAndPrint branch is not there. FYI, I did run Regedit as an Administrator so that's not why I can't see the PointAndPrint branch.

    Since the branch doesn't exist, does this mean I'm not protected or does it mean I'm still in an unknown vulnerability situation?

    By the way, thanks for helping me try to track down this issue.

    Just thought of one other thing. I currently have the spooler disabled. I wouldn't think that would impact whether PointAnd Print branch shows up or not, but thought I would mention it.

    - - - Updated - - -

    Just tried looking at the registry with print spooler enabled and using regedit as an administrator. Still the same result. No PointAndPrint branch. Maybe this only works with the Win 10 Pro, not Win 10 Home.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:13.
Find Us




Windows 10 Forums