Skip to main content
  1. Home
  2. Computing

This crucial Windows update finally fixes the PrintNightmare vulnerability

By

Microsoft has issued a new security patch for the issues surrounding the PrintNightmare vulnerability in Windows. This time around, Microsoft is changing the default Point and Print driver installation and update behavior to require administrator privileges.

According to Microsoft, this latest change comes because the company believed the default behavior of Point and Print did not provide its customers with “the level of security required to protect against potential attacks.” This basically addresses the issue from early August where a cybersecurity researcher managed to exploit the Windows Print Spooler and gain administrative privileges in Windows by using a custom print server.

A printer sitting on a desk next to coins.
Image used with permission by copyright holder

The change will take effect with the latest security updates released for all versions of Windows as part of what’s known as “Patch Tuesday.” On Windows 10 version 21H1 (The May 2021 Update,) and the two more recent versions of Windows 10, you can head to Windows settings, click Update and Security, followed by Check for Updates. You can then look for KB5005033 in the list to apply the patch (and then this change) to your machine. Your PC will restart as part of the process.

Recommended Videos

“The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service,” said Microsoft.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, Max (HBO), and more

After installing this patch, the ability for non-elevated users to add or update printers might be impacted. Microsoft says that the security risks of PrintNightmare justify this change. If you still want non-elevated users to add or update printers to add or update printers, you can do so with a registry key. This, however, is not recommended as it will expose your PC to publicly known vulnerabilities in the Windows Print Spooler service.

PrintNightmare has been a tricky issue for Microsoft to fix. Since the vulnerabilities in the Windows Print Spooler service were first discovered back in July, Microsoft issued one big patch which it said addressed the issue. Security Researchers then dug deeper into the patch and exposed two other flaws beyond what Microsoft had already fixed.

To ensure that you’re protected against PrintNightmare, Microsoft urges you to update your PC as soon as possible. If you have automatic updates turned on, you’re automatically protected and won’t have any issues.

Arif Bacchus
Arif Bacchus
Former Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Topics

Editors’ Recommendations

Windows 11’s February 2025 update fixes annoying bugs
Windows 11 logo on a laptop.

Microsoft's February 2025 cumulative update brings much-needed relief to Windows 11 users, fixing Auto HDR issues that caused game crashes, audio output disruptions, and USB webcam detection problems, as reported by Bleeping Computer. The patch, KB5051987 for Windows 11 24H2 users and KB5051989 for 23H2 addresses these irritating bugs and is mandatory.

The update fixes the Auto HDR problem that interfered with the colors and caused game crashes, improving the gaming experience. Furthermore, the update fixes a bug that cut off audio output, especially if you were using a digital-to-analog converter (DAC), though others were affected. Moreover, a rare issue displayed a "This device cannot start" message, but you may not have seen that one.

Read more
Microsoft is cracking down on unsupported Windows 11 installs
A Dell laptop with Windows 10 sitting on a desk.

A support document showing users how to install Windows 11 on unsupported PCs was deleted sometime in the past two months. Its disappearance, noticed by Neowin, echoes Microsoft's recent "year of the Windows 11 PC refresh" rhetoric, encouraging (or forcing) users to buy new PCs that meet Windows 11 hardware requirements.

When Windows 11 launched in 2021, Microsoft announced that it was adding TPM 2.0 as a hardware requirement -- a move that was met with plenty of resistance. To soften the blow, Microsoft also published a support document detailing how users could edit their registry key values to bypass the TPM 2.0 check.

Read more
Microsoft is axing support for its own apps on Windows 10
The Surface Laptop 7 on a table in front of a window.

Microsoft has announced that support for Microsoft 365 apps on Windows 10 will end this year on October 14, as reported by The Verge. This is also the end-of-support date for Windows 10 as a whole, but the move is still a little surprising considering that Microsoft is now offering the Windows 10 Extended Security Updates (ESU) Program.

Anyone who joins this program for $30 can continue to safely use Windows 10 for a whole extra year -- so you might think that Microsoft would let them continue to use the Office apps too. That said, it's not like the apps will disappear, they just won't receive any more updates. According to Microsoft, this could cause "performance and reliability issues over time" but whether these issues will pop up within the ESU program's duration or not is anyone's guess.

Read more