Microsoft struggles to wake from PrintNightmare: Latest print spooler patch can be bypassed, researchers say. You'll want to shut down the Windows Print Spooler service (yes, again): Another privilege escalation bug found. Microsoft responds to PrintNightmare by making life that little bit harder for admins. I removed KB5005613 from our server and rebooted the server and that fixed it," said one such last week – but removing a security patch is not a good solution as it leaves a known vulnerability in place. No one can print to the network printers. This discussion on Microsoft's question and answer forum for IT professionals shows the problems administrators now face. Enforcement phase enforces the changes to address CVE-2021-1678 by increasing the authorization level without having to set the registry value." That September date was "Patch Tuesday" last week – though some admins were already having issues with network printing caused by Microsoft's other mitigation efforts. 
Microsoft's fix was in two phases, first to add a registry setting to increase the authorization level for remote access to printers and second, to inform admins that "the release transitions into the enforcement phase on September 14, 2021. The problem is complex and first surfaced in January, when Microsoft issued this support note explaining that "a security bypass vulnerability exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface."
Lansweeper print nightmare update#
Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working.
0 kommentar(er)
