Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
AMD Ryzen 5 5600 review
PowerColor RX 6650 XT Hellhound White review
FSP Hydro PTM Pro (1200W PSU) review
ASUS ROG Radeon RX 6750 XT STRIX review
AMD FidelityFX Super Resolution 2.0 - preview
Sapphire Radeon RX 6650 XT Nitro+ review
Sapphire Radeon RX 6950 XT Sapphire Nitro+ Pure review
Sapphire Radeon RX 6750 XT Nitro+ review
MSI Radeon RX 6950 XT Gaming X TRIO review
MSI Radeon RX 6750 XT Gaming X TRIO review

New Downloads
AIDA64 Download Version 6.70
FurMark Download v1.30
Display Driver Uninstaller Download version 18.0.5.1
Download Samsung Magician v7.1.1.820
Intel ARC graphics Driver Download Version: 30.0.101.1732
HWiNFO Download v7.24
GeForce 512.77 WHQL driver download
Intel HD graphics Driver Download Version: 30.0.101.1960
AMD Radeon Software Adrenalin 22.5.1 WHQL driver download
3DMark Download v2.22.7359 + Time Spy


New Forum Topics
ZADAK Introduces the TWSG4S PCIe Gen4 x4 SSD CD Projekt RED promises next-gen versions of The Witcher 3 by the end of 2022 NVIDIA LHR version 3 anti-crypto algorithm for RTX 3050/3080 12GB would be 90% unlocked Review: AMD Ryzen 5 5600 processor Free to grab: Borderlands 3 free on Epic Games Store [3rd-Party Driver] Amernime Zone Radeon Insight 22.5.1 WHQL Driver Pack (Released) GeIL releases DDR5 memory with active cooling and two new RGB fans. NVIDIA Profile Inspector 2.3.0.13 Radeon RX 6950XT to cost $1099, RX 6750XT $549, RX 6650XT $399 Rumor: AMD to announce X670 Extreme, X670 and B650 Chipsets




Guru3D.com » News » Microsoft warns about new vulnerability "PrintNightmare"

Microsoft warns about new vulnerability "PrintNightmare"

by Hilbert Hagedoorn on: 07/05/2021 09:28 AM | source: | 13 comment(s)
Microsoft warns about new vulnerability

In the Windows print queue (from Windows 7 on) is a vulnrebility to be found, Microsoft alerts users about the CVE-2021-34527 vulnerability called "PrintNightmare". it enables attackers to execute code on their machine remotely. This vulnerability can lead to a problem.

The vulnerability has been there for some years, but nothing was known until this week, when a Research Group released a kit on Github on how to exploit the weakness, assuming that it had been addressed earlier in June when Microsoft corrected another Windows Spool issue. The researchers believed that it was PrintNightmare, and because they thought it had been addressed before, they showed how to use it, but it turns out that it wasn't corrected and that millions of machines have now been exposed to severe safety problems.

Solving it

Since the vulnerability is present in multiple versions of Windows and has not yet been patched, Microsoft made certain recommendations to users to restrict access to the spooler service:

  • If you don't have a printer: Disable the "Print queue" service.
  • If you have a printer: Go to "Edit Group Policies", select "Computer Configuration", select "Administrative Templates", select "Printers", and disable the option "Allow the print job manager to accept client connections"






« MSI Launches MAG CH130 Series Gaming Chair (water-resistant) · Microsoft warns about new vulnerability "PrintNightmare" · Edge of Eternity will feature both DLSS and FidelityFX Super Resolution »

Related Stories

Microsoft looking at graphics machine learning development, potential DLSS equivalent? - 07/05/2021 09:04 AM
Microsoft is seeking a software developer in the segment of machine learning to enhance the computing power of graphics from current consoles....

Advertorial: Great Microsoft Windows 10 Pro Deal with URcdkey - 07/02/2021 08:10 AM
Nowadays, many users often continue to use unlicensed software. But this is a rather controversial way of saving. And now we are talking not so much about its illegality as about the danger of all k...

Microsoft removes application to verify Windows 11 requirements - relaxes requirements - 06/29/2021 04:51 PM
Earlier on, we reported a handy tool that verifies if your PC is compatible with the new Windows 11, which was short-lived as Microsoft removed it after several failures in the detection mechanism....

Microsoft Releases First Windows 11 Insider Preview Build - 06/29/2021 08:48 AM
Things are moving fast with Windows 11 now, two weeks ago we did not even know of its existence, today Microsoft released the first official Windows 11 Insider Preview. With this beta, developers and ...

Microsoft removes mandatory >1TB storage requirement for DirectStorage NVMe SSDs - 06/29/2021 08:37 AM
DirectStorage initially had a requirement of volume size, that value was 1TB, which now seems to have been changed. ...


3 pages 1 2 3


Webhiker
Senior Member



Posts: 740
Joined: 2011-03-23

#5926783 Posted on: 07/05/2021 10:36 AM
Assumption is the mother of all f-ups. Proven again and again. When will people learn.

van_dammesque
Member



Posts: 37
Joined: 2004-11-18

#5926785 Posted on: 07/05/2021 10:41 AM
If you have a printer: Go to "Edit Group Policies", select "Computer Configuration", select "Administrative Templates", select "Printers", and disable the option "Allow the print job manager to accept client connections"


I am on Win 10, I only have "Allow Print Spooler to accept client connections" so have disabled that instead.

Mineria
Senior Member



Posts: 5330
Joined: 2007-05-05

#5926810 Posted on: 07/05/2021 12:36 PM
I am on Win 10, I only have "Allow Print Spooler to accept client connections" so have disabled that instead.

You can disable publishing it as well

Astyanax
Senior Member



Posts: 13249
Joined: 2018-03-21

#5926830 Posted on: 07/05/2021 01:25 PM


its disabled by default, unless you're sharing a wired printer amongst your local network.

This exploit requires the installation of a compromised printer driver in the first place, it cannot be exploited simply by having client connections available. (or other trojan exploit)

If your print domain is already infected, this exploit allows clients to be easily infected since the infected driver will be added to the print server store, clients could pull it down by clicking on or trying to print to it.

asturur
Senior Member



Posts: 1199
Joined: 2010-05-12

#5926837 Posted on: 07/05/2021 01:47 PM
Assumption is the mother of all f-ups. Proven again and again. When will people learn.

I think is more MS that should be speedier in fixin or disabling the policy with an update if they know the research came from an external lab

3 pages 1 2 3


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022