Microsoft patches remaining versions of Windows against PrintNightmare flaw

Patches to fix a severe flaw in the Windows Print spooler are now available for Windows 10 Version 1607, Windows Server 2012 and Windows Server 2016.

password.jpg

Image: GettyImages/Yuichiro Chino

Microsoft has now released patches to protect all versions of Windows against the critical PrintNightmare flaw. On Tuesday, the company had deployed fixes to cover most but not all editions of Windows. On Wednesday, Microsoft patched the remaining versions of Windows, according to an update on its message center page.

SEE: Checklist: Securing Windows 10 systems (TechRepublic Premium)

More about cybersecurity

Newly patched as of July 7 are Windows 10 version 1607, all editions of Windows Server 2012 (including Server Core) and all editions of Windows Server 2016 (including Server Core). This means that all 40 flavors of Windows now have a patch for this flaw, including ones no longer supported by Microsoft, such as Windows 7 and Windows Server 2008.

Pushing out patches for all versions of Windows, even unsupported ones, shows how serious Microsoft considered this vulnerability. As another sign, the company deployed the patch as an out-of-band update, choosing not to wait until next week’s Patch Tuesday to roll it out.

All individual users should check Windows Update to download and install the patch for their version of Windows, while organizations should deploy the update through their patch management system. The updates are also available by searching the Microsoft Update Catalog for the specific Knowledge Base number for your version of Windows and by using the Windows Server Update Services (WSUS).

Fixing this particular problem with the Windows Print spooler service was complicated because Microsoft had to patch two different flaws. Known as CVE-2021-1675, the first flaw was patched through Microsoft’s June 2021 security updates. But that still left a second and more serious flaw.

Dubbed CVE-2021-34527 and nicknamed PrintNightmare, the second vulnerability concerned an issue in RpcAddPrinterDriverEx(), a function that allows users to install or update a printer driver. If exploited by an attacker, this one would have allowed them to take over a compromised computer to install software, modify data and create new user accounts.

The security updates released on July 6 and July 7 include fixes for both flaws. Anyone unable to install the updates is advised to check the FAQ section in CVE-2021-34527 for steps on protecting their systems. Information on installing new printer drivers after applying the update is accessible in Microsoft’s KB5005010 support document.

Also see