Helient Blog

“PrintNightmare” Vulnerability Allows Remote Code Execution. Patch Available for Supported Releases Only.

Written by Helient Webmaster | Jul 1, 2021 6:10:00 PM

Critical Information for Immediate Review

This critical alert is provided by HeliX to make you aware of important information regarding your Operating System or its embedded components. See below for additional details related to this issue.

 

Alert Summary

App Product: All Supported Windows Operating Systems
Alert Name: “PrintNightmare” Vulnerability Allows Remote Code Execution. Patch Available for Supported Releases Only.
Alert Description: Security updates for the two recently announced Print Spooler vulnerabilities (CVE-2021-34527 and CVE-2021-1675) are available for supported Windows Releases. Windows 10 Releases prior to 1909 cannot be patched and the only available mitigation is to restrict remote printer connections and the installation of new printer drivers.
Vendor Published Date: 07/01/2021

 

Alert Details

The “PrintNightmare” vulnerability announced recently is exposed by a flaw in the Print Spooler service. An out-of-band update was released by Microsoft to address this flaw and the fix was subsequently added to the July Cumulative Update for Windows 10. However, these updates will not install on unsupported releases of Windows 10. To mitigate the issue on devices running an older, unsupported version of Windows, the only option is to block remote printer connections and restrict the installation of printer drivers via Group Policy and/or the appropriate registry values. Please refer to the KB articles below for more details. Administrators running supported releases of Windows 10 should install the update as soon as possible and also follow the Microsoft guidance on configuring Point and Print restrictions.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7

 

About Helix Notifications

The HeliX service notifies its subscribers of certain third-party alerts that may be relevant to the subscribers’ IT systems. The third party that published this alert is not in any way affiliated with Helient Systems. Helient Systems has not independently verified the information in the alert, and is not responsible for its availability, accuracy, or completeness. By delivering this notification, Helient Systems does not assume responsibility for installing any updates or patches, or performing any remediation, repair, or other services, that may be recommended in the alert. Each subscriber is solely responsible for updating its own production systems with any and all recommended updates and patches.

If you need assistance understanding or implementing the recommendations, we would be happy to help. You may contact Helient Systems for additional assistance through our ticketing system at service@helient.com.

This HeliX alert is among a small subset that have been made public for the benefit of all Helient customers and the broader community. HeliX Subscribers receive a continuous feed of timely and targeted notifications to their inbox and their mobile device. HeliX keeps you in the know and in control. To find our more about HeliX, download the datasheet now!