To help address the ongoing problems with the so-called PrintNightmare vulnerability (CVE-2021-34527), Microsoft has announced a change to the default behavior of the Point and Print feature in Windows.
The change has been delivered via the KB5005033 and KB5005031 update and means that in order to install printer drivers, users will have to have administrative privileges. This mitigates against the Windows Print Spooler vulnerability that allowed any user to install drivers via Point and Print, a fact that could be exploited to install malicious drivers to allow for remote code execution and SYSTEM privileges.
The fix comes as part of this month’s Patch Tuesday updates, and the company also published a post on the Microsoft Security Response Center blog saying: “Our investigation into several vulnerabilities collectively referred to as ‘PrintNightmare’ has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks”.
The post continues:
Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges. The installation of this update with default settings will mitigate the publicly documented vulnerabilities in the Windows Print Spooler service. This change will take effect with the installation of the security updates released on August 10, 2021 for all supported versions of Windows, and is documented as CVE-2021-34481.
This change may impact Windows print clients in scenarios where non-elevated users were previously able to add or update printers. However, we strongly believe that the security risk justifies this change. While not recommended, customers can manually disable this mitigation with a registry key, which is outlined in the following KB Article:
Microsoft points out that disabling this mitigation will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service. System administrators are advised to assess their security needs before assuming this risk.
KB5005031 is available for Windows 10 version 1909, while KB5005033 is available for Windows 10 versions 2004, 20H2 and 21H1.
Sửa Tủ Lạnh Nội Địa Mitsubishi 17 Aug 2021
2.1Sửa tủ lạnh inverter chạy không lạnh,
không mát/kém mát.
cho thuê bộ đàm 17 Aug 2021
Thiết bị nắm tay máy bộ đàm đầu tiên là máy thu phạt AM SCR-536 do Motorola tạo ra vào năm 1951, cùng với tên là
Handie-Talkie .
Sửa Điều Hòa Mitsubishi 17 Aug 2021
Sở hữu đội ngũ thợ sửa chữa điều hòa trên 10 năm kinh nghiệm, mang tới cho khách hàng chất lượng dịch vụ tốt nhất.
Ivylot 17 Aug 2021
[url=https://nolvadexmedication.com/]tamoxifen cheap[/url]
Janelot 17 Aug 2021
[url=https://buyivermectinsale.com/]cost of ivermectin[/url]