Microsoft might finally have a solution for its printer issue in the Windows operating system. The Print Spooler vulnerability, also given the delightful moniker of PrintNightmare, has been a thorn in Microsoft’s side since early July.
Customary with the second Tuesday of every month, Microsoft released a batch of fixes to address vulnerabilities.
August’s Patch Tuesday fixes a total of 51 vulnerabilities. Seven have been deemed critical in severity, while one zero-day exploit has been patched. Here is how Microsoft finally got rid of the PrintNightmare problem.
Here’s the backstory
Security researchers in July first discovered the Print Spooler vulnerability. Publishing their proof-of-concept onto the web, researchers quickly realized that Microsoft wasn’t aware of the problem.
The discovery of software flaws is usually handled through a responsible disclosure process. But in this case, all the information needed to exploit the flaw was already published. Hackers just needed to go to the GitHub page to see what was needed.
The vulnerability gave attackers elevated privileges in Windows. By exploiting the Print Spooler tool, the attacker could run arbitrary code on a PC. This, in turn, gave them permission to install programs and view, change or delete data.
The latest Windows update appears to have finally corrected the initial problem. It took two rounds of separate patches to work. After the update has been installed, Windows will only allow users with administrative privileges to install printer drivers with the Point and Print feature.
Microsoft explained that the setting would be turned on automatically when the update is installed, but you can turn it off. Turning the setting off is a bad idea as the company warned, will put computers at risk of being attacked.
What else the update fixes
In addition to addressing the Print Spooler vulnerability, the update fixes several other problems. Most of them are with software exploits in Windows Media, Windows Defender, Remote Desktop Client, Microsoft Office and Windows Update.
The single zero-day exploit used in the wild is a Medic Service Elevation of Privilege Vulnerability. As with previous bugs, Microsoft isn’t too quick to share how the flaw works or who discovered it.
A big chunk of the vulnerabilities had to do with Remote Code Execution. That means attackers could breach your machine through affected software and essentially take full control of it.
How to update Windows
If your Windows computer isn’t set up to automatically download and install security updates, you’ll need to go into the Settings feature to trigger the download.
Click the Start Menu and tap Settings. Click Update & Security > Windows Update. From there, you’ll be able to see if updates are available for download. If not, click Check for Updates to force the process.
The latest update is called 2021-08 Cumulative Update for Windows 10 Version 21H1 and has been given the patch code KB5005033. If the patch is available, click on the Install Now button to start the process.