P4-630Just installed it... KB5004945

delshayThank you Microsoft for windows 7 support.

ncrsAren't those just for the ESU subscribers? I don't have a Win7 to test with, so I'm not sure.

TheoneandonlyMrKSo there's reports the patch didn't work, anyone hear similar?!.

lexluthermiesterSeems everyone will get it.
support.microsoft.com/en-us/topic/july-6-2021-kb5004951-security-only-update-out-of-band-e05a81cd-9b45-4622-b715-ddb2367bca47

newtekie1I've hear that is completely breaks printing on certain printer brands.

ncrsThe site you quoted states that it's not available from Windows/Microsoft Update, but from the Catalog instead. It also has the usual ESU eligibility comments. I guess the only way to know is to try installing it on a normal Win7 ;)

ncrsActually strike that, it's not what that KB is about, my bad. It might be related, however, and a simple re-installation of the driver by an administrative user might fix the issue.

P4-630Just installed it... KB5004945

lynx29@Raevenlord might want to update the title of your thread :)

Caring1The title is still correct though, they never claimed to have fixed it. :roll:

"Point and Print is not directly related to this vulnerability, but the technology weakens the local security posture in such a way that exploitation will be possible. To disallow Point and Print for non-administrators make sure that warning and elevation prompts are shown for printer installs and updates. The following registry keys are not present by default. Verify that the keys are not present or change the following registry values to 0 (zero):

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
NoWarningNoElevationOnInstall = 0 (DWORD)
NoWarningNoElevationOnUpdate = 0 (DWORD)"

TechLurkerAww, was hoping they'd push it all the way back to Win95. :roll:

I have a functional, ancient one I still use on occasion to play some Chip's Challenge, nostalgia in Packard Bell Home, and a few real-old CD games that don't like Win7+ (those obscure, silly and sometimes junk games sold at office supply shops that were DOS/95 compatible).

FrickIt appears to be another thing going on. The patch does fix it, but there's also a vulnerability in the PointAndPrint thing, which is not enabled by default.

"The demo shows that the update fails to fix vulnerable systems that use certain settings for a feature called point and print, which makes it easier for network users to obtain the printer drivers they need."

From the comments:

neatfeatguyFound out that the updates break printing over the network at my place of work. Had a few folks unable to print their reports and other stuff they needed to non-local printers. So, at the moment it's either the IT guy removes the updates or works on running cables directly from some printers to the computers that are supposed to print from.....

And because it's not me that is having to fix all this stupid crap, I find it hilarious.

lexluthermiesterBeen having that same issue with a few test machines. We came up with a different solution after removing the update from the affected test system. We disconnected the network that have the printers from the internet. There are some issues, but at least we can do the jobs needed. It's actually more important for us to have printers than internet. We're gearing up to config two different networks, one with internet & no printers and the other connected to the printers without internet.

ChomiqSo from the sound of it looks like that KB simply disabled the group policy for Print Spooler to accept client connections.

Edit.
Nope, checked my VM and it's still set to "Not configured".

neatfeatguySounds like you found a work around that's good. Not sure that's something the IT guy here would want to do or have time to do since one of the owners purchased a new company that ties into our line of business and he's had the IT guy over there doing all sorts of stuff, not to mention that he also has to run between three other sister companies to fix the network printer issues that popped up from these updates.