Skip to content

PrintNightmare patches are turning out to be nightmares

  • by
  • 2 min read

On Tuesday, Microsoft released 60 updates and fixes as part of their monthly Patch Tuesday updates. These updates included a fix for the last remaining PrintNightmare vulnerability. However, instead of fixing the problem, Microsoft seems to have dropped the ball here as numerous system admins are reporting wide-scale network printing problems after the update. 

The update on Tuesday included a patch for CVE-2021-36958, the last remaining PrintNightmare vulnerability. The bug first surfaced in July this year and allowed attackers to gain admin access and run arbitrary code on a Windows PC by exploiting the Print Spooler service. 

Microsoft was quick to issue a fix and has been working on patching any other loopholes ever since. However, users have reported that they can no longer print to network computers after the new updates. 

In the News: Apple announces new iPad and iPad Mini with major improvements


Patching Nightmare

Microsoft has had to make significant changes to the entire Point, and Print feature and the way drivers are installed from a print server to patch this vulnerability. The changes include requiring admin privileges to install printer drivers via the feature.

The company has also incorporated registry settings that allow disabling the changes, making computers vulnerable once again. The changes can be configured by modifying the registry key at the following path.

HKLM\Software\Policies\Microsoft\Windows NT\Printers

According to security researcher Benjamin Delpy, the latest fix introduced changes that automatically block the CopyFiles directive print driver feature. WHich means that if printers in your organisation use this directive, they’re likely to not work after the latest update. 

Network printers from just about every manufacturer for Type 3 and Type 4 drivers seem to be impacted. The updates causing problems are as follows. 

In the News: Apple announces 4 iPhone 13 variants starting at $699

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>