Blog Post

Ritelink Blog > News > SOFTWARE > Microsoft releases mandatory Windows updates to fix PrintNightmare exploit

Microsoft releases mandatory Windows updates to fix PrintNightmare exploit

Earlier last week, Microsoft acknowledged that it was investigating a critical vulnerability in Windows 10 that when exploited could let attackers run arbitrary code on the victim’s system. The vulnerability, tracked under CVE-2021-34527, is present in the Windows Print Spooler service and is termed print “PrintNightmare” that can allow for remote code execution (RCE). As the vulnerability was still being investigated, the Redmond firm listed two possible workarounds to mitigate the risks caused by the bug.

Today, the firm has provided an update in the Microsoft Security Response Center (MSRC) listing for the vulnerability noting that it is rolling out a patch for the latest Windows 10 versions to address the issue. The update, KB5004945, is currently rolling out to the three most recent Windows 10 versions, 2004, 20H2, and 21H1, bumping them to Windows 10 builds 19041.1083, 19042.1083, and 19043.1083, respectively. Since these versions are based on the same codebase, the updates are identical for all the versions. The changelog and documentation for the update are yet to go live.

Considering that these are security updates to fix a critical vulnerability, they are mandatory updates and are downloaded automatically through Windows Update. Users can also manually download the patch from the Update Catalog here. Future patches, such as the upcoming Patch Tuesday updates, will contain these fixes.

There is no word from the firm on how the vulnerability affects older versions of the OS, though it notes that it has completed the investigation of the issue. The updates today are only rolling out to the three most recent and fully supported Windows 10 versions, but it will not be surprising to see a patch being made available for older versions still being supported for Enterprise and Education customers sooner, as the firm notes that supported Windows versions that do not receive an update today will get one “shortly after July 6”.

For those unaware, the PrintNightmare vulnerability is caused by the Print Spooler service not restricting access to a function that is used to install printer drivers remotely. An attacker that gains unrestricted access can execute arbitrary code with SYSTEM privileges, examples of which are already available on the web. Considering the severity of the vulnerability, it is best for all users to update to the latest build as soon as possible.

Update: The patches are available for most supported Windows 10, Windows 8.1, and Windows 7 (ESU users). You can either update via Windows Update, or head to the MSRC document to find links to the requisite Update Catalog pages. The company has also provided the KB article links, but as is the case these days, those pages are yet to be updated. Windows 10 version 1607, Windows Server 2012, and Windows Server 2016 are yet to receive updates.

Here is the complete list of links posted by the firm:

ProductSeverityArticleDownload
Windows Server 2012 R2 (Server Core installation)Critical5004954Monthly Rollup
Windows Server 2012 R2 (Server Core installation)Critical5004958Security Only
Windows Server 2012 R2Critical5004954Monthly Rollup
Windows Server 2012 R2Critical5004958Security Only
Windows Server 2012 (Server Core installation)Critical
Windows Server 2012Critical
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Critical5004953Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Critical5004951Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1Critical5004953Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1Critical5004951Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Critical5004955Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Critical5004959Security Only
Windows Server 2008 for x64-based Systems Service Pack 2Critical5004955Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2Critical5004959Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Critical5004955Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Critical5004959Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2Critical5004955Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2Critical5004959Security Only
Windows 8.1 for x64-based systemsCritical5004954Monthly Rollup
Windows 8.1 for x64-based systemsCritical5004958Security Only
Windows 8.1 for 32-bit systemsCritical5004954Monthly Rollup
Windows 8.1 for 32-bit systemsCritical5004958Security Only
Windows 7 for x64-based Systems Service Pack 1Critical5004953Monthly Rollup
Windows 7 for x64-based Systems Service Pack 1Critical5004951Security Only
Windows 7 for 32-bit Systems Service Pack 1Critical5004953Monthly Rollup
Windows 7 for 32-bit Systems Service Pack 1Critical5004951Security Only
Windows Server 2016 (Server Core installation)Critical
Windows Server 2016Critical
Windows 10 Version 1607 for x64-based SystemsCritical
Windows 10 Version 1607 for 32-bit SystemsCritical
Windows 10 for x64-based SystemsCritical5004950Security Update
Windows 10 for 32-bit SystemsCritical5004950Security Update
Windows Server, version 20H2 (Server Core Installation)Critical5004945Security Update
Windows 10 Version 20H2 for ARM64-based SystemsCritical5004945Security Update
Windows 10 Version 20H2 for 32-bit SystemsCritical5004945Security Update
Windows 10 Version 20H2 for x64-based SystemsCritical5004945Security Update
Windows Server, version 2004 (Server Core installation)Critical5004945Security Update
Windows 10 Version 2004 for x64-based SystemsCritical5004945Security Update
Windows 10 Version 2004 for ARM64-based SystemsCritical5004945Security Update
Windows 10 Version 2004 for 32-bit SystemsCritical5004945Security Update
Windows 10 Version 21H1 for 32-bit SystemsCritical5004945Security Update
Windows 10 Version 21H1 for ARM64-based SystemsCritical5004945Security Update
Windows 10 Version 21H1 for x64-based SystemsCritical5004945Security Update
Windows 10 Version 1909 for ARM64-based SystemsCritical5004946Security Update
Windows 10 Version 1909 for x64-based SystemsCritical5004946Security Update
Windows 10 Version 1909 for 32-bit SystemsCritical5004946Security Update
Windows Server 2019 (Server Core installation)Critical5004947Security Update
Windows Server 2019Critical5004947Security Update
Windows 10 Version 1809 for ARM64-based SystemsCritical5004947Security Update
Windows 10 Version 1809 for x64-based SystemsCritical5004947Security Update
Windows 10 Version 1809 for 32-bit SystemsCritical5004947Security Update

Update 2: The KB articles are now live for those interested in reading through the changelog. For Windows 10, the changelog is mostly similar across versions.

Leave a comment

Your email address will not be published. Required fields are marked *