Wednesday, July 7th 2021
PrintNightmare: Microsoft Issues Critical Security Updates for Multiple Versions of Windows
Remember that hideous, remotely exploitable vulnerability on Windows' Print Spooler service, which would enable remote attackers to run code with administrator privileges on your machine? Well, Microsoft seems to be waking up from this particular instance of PrintNightmare, as the company has already issued critical, out-of-band security updates (meaning that they're outside Microsoft's cadenced patch rollout) for several versions of windows. Since the Print Spooler service runs by default and is an integral part of Windows releases (likely since the NT platform development), Microsoft has even pushed out patches to OSs that aren't currently supported.
Microsoft has issued correctives for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1, a variety of supported versions of Windows 10, and even Windows 7. As per Microsoft, Windows Server 2012, Windows Server 2016, and Windows 10 Version 1607 products are still missing the security patches, but they're being actively worked on and should be released sooner rather than later. The security patches include mitigations for both the PrintNightmare issue (CVE-2021-34527), as well as another Print Spooler vulnerability that's been previously reported (CVE-2021-1675). The mitigations are being distributed via Windows Update, as always, and the relevant packages are KB5004945 through KB5004959 (depending on your version of Windows).
Sources:
Microsoft, via The Verge
Microsoft has issued correctives for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1, a variety of supported versions of Windows 10, and even Windows 7. As per Microsoft, Windows Server 2012, Windows Server 2016, and Windows 10 Version 1607 products are still missing the security patches, but they're being actively worked on and should be released sooner rather than later. The security patches include mitigations for both the PrintNightmare issue (CVE-2021-34527), as well as another Print Spooler vulnerability that's been previously reported (CVE-2021-1675). The mitigations are being distributed via Windows Update, as always, and the relevant packages are KB5004945 through KB5004959 (depending on your version of Windows).
31 Comments on PrintNightmare: Microsoft Issues Critical Security Updates for Multiple Versions of Windows
I think the issue is he tried to configure another computer on the network to use the one shared printer of mine (that no one else has ever printed to before) and upon doing so the computer that he was using (which has the printer-nightmare patch on it) some how broke the print spooler and how it functions with the print drivers - at least that's my best guess. For now I have to do some dancing with changing printer default settings and power cycling the printers to get things to print to where they need to go....it's tedious, but at least I can still get my work done.
Trying to set up my Canon MX475. The Windows Control Panel (Settings) says there's no driver available. MS Word says "the active directory domain service is unavailable". The Canon website has the following menus: "Vision, Our Business, Newsroom, Sustainability, About Canon". The most boring company BS ever! Where's the F-ing driver? Who designs a web page like this?! :banghead:
This isn't the driver ?
www.canon.co.uk/support/consumer_products/products/fax__multifunctionals/inkjet/pixma_mx_series/pixma_mx475.html?type=drivers&language=&os=windows%207%20(64-bit)
Yeah duckduckgo this was first result
Funny you both are in the UK lol