• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

PrintNightmare: Microsoft Issues Critical Security Updates for Multiple Versions of Windows

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.24/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
Remember that hideous, remotely exploitable vulnerability on Windows' Print Spooler service, which would enable remote attackers to run code with administrator privileges on your machine? Well, Microsoft seems to be waking up from this particular instance of PrintNightmare, as the company has already issued critical, out-of-band security updates (meaning that they're outside Microsoft's cadenced patch rollout) for several versions of windows. Since the Print Spooler service runs by default and is an integral part of Windows releases (likely since the NT platform development), Microsoft has even pushed out patches to OSs that aren't currently supported.

Microsoft has issued correctives for Windows Server 2019, Windows Server 2012 R2, Windows Server 2008, Windows 8.1, Windows RT 8.1, a variety of supported versions of Windows 10, and even Windows 7. As per Microsoft, Windows Server 2012, Windows Server 2016, and Windows 10 Version 1607 products are still missing the security patches, but they're being actively worked on and should be released sooner rather than later. The security patches include mitigations for both the PrintNightmare issue (CVE-2021-34527), as well as another Print Spooler vulnerability that's been previously reported (CVE-2021-1675). The mitigations are being distributed via Windows Update, as always, and the relevant packages are KB5004945 through KB5004959 (depending on your version of Windows).



View at TechPowerUp Main Site
 
Joined
Jan 5, 2006
Messages
18,584 (2.69/day)
System Name AlderLake
Processor Intel i7 12700K P-Cores @ 5Ghz
Motherboard Gigabyte Z690 Aorus Master
Cooling Noctua NH-U12A 2 fans + Thermal Grizzly Kryonaut Extreme + 5 case fans
Memory 32GB DDR5 Corsair Dominator Platinum RGB 6000MT/s CL36
Video Card(s) MSI RTX 2070 Super Gaming X Trio
Storage Samsung 980 Pro 1TB + 970 Evo 500GB + 850 Pro 512GB + 860 Evo 1TB x2
Display(s) 23.8" Dell S2417DG 165Hz G-Sync 1440p
Case Be quiet! Silent Base 600 - Window
Audio Device(s) Panasonic SA-PMX94 / Realtek onboard + B&O speaker system / Harman Kardon Go + Play / Logitech G533
Power Supply Seasonic Focus Plus Gold 750W
Mouse Logitech MX Anywhere 2 Laser wireless
Keyboard RAPOO E9270P Black 5GHz wireless
Software Windows 11
Benchmark Scores Cinebench R23 (Single Core) 1936 @ stock Cinebench R23 (Multi Core) 23006 @ stock
Just installed it... KB5004945
 

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.24/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
Joined
Jul 7, 2019
Messages
915 (0.47/day)
Aww, was hoping they'd push it all the way back to Win95. :roll:

I have a functional, ancient one I still use on occasion to play some Chip's Challenge, nostalgia in Packard Bell Home, and a few real-old CD games that don't like Win7+ (those obscure, silly and sometimes junk games sold at office supply shops that were DOS/95 compatible).
 
Joined
May 12, 2017
Messages
2,207 (0.80/day)
Thank you Microsoft for windows 7 support.

As of posting, windows 10 is auto downloading KB5004945.
 
Last edited:
Joined
Feb 21, 2006
Messages
2,221 (0.32/day)
Location
Toronto, Ontario
System Name The Expanse
Processor AMD Ryzen 7 5800X3D
Motherboard Asus Prime X570-Pro BIOS 5013 AM4 AGESA V2 PI 1.2.0.Cc.
Cooling Corsair H150i Pro
Memory 32GB GSkill Trident RGB DDR4-3200 14-14-14-34-1T (B-Die)
Video Card(s) XFX Radeon RX 7900 XTX Magnetic Air (24.10.1)
Storage WD SN850X 2TB / Corsair MP600 1TB / Samsung 860Evo 1TB x2 Raid 0 / Asus NAS AS1004T V2 20TB
Display(s) LG 34GP83A-B 34 Inch 21: 9 UltraGear Curved QHD (3440 x 1440) 1ms Nano IPS 160Hz
Case Fractal Design Meshify S2
Audio Device(s) Creative X-Fi + Logitech Z-5500 + HS80 Wireless
Power Supply Corsair AX850 Titanium
Mouse Corsair Dark Core RGB SE
Keyboard Corsair K100
Software Windows 10 Pro x64 22H2
Benchmark Scores 3800X https://valid.x86.fr/1zr4a5 5800X https://valid.x86.fr/2dey9c 5800X3D https://valid.x86.fr/b7d
When I woke up today it was already installed :) gotta love patch tuesdays
 
Joined
Oct 15, 2011
Messages
2,389 (0.50/day)
Location
Springfield, Vermont
System Name KHR-1
Processor Ryzen 9 5900X
Motherboard ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory 32 GB G.Skill RipJawsV F4-3200C16D-32GVR
Video Card(s) Sapphire Nitro+ Radeon RX 6750 XT
Storage Western Digital Black SN850 1 TB NVMe SSD
Display(s) Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case Corsair 275R
Audio Device(s) Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply eVGA Supernova G3 750W
Mouse Logitech G Pro (Hero)
Software Windows 11 Pro x64 23H2
Yep, update-Tuesday on the first Tuesday! This means an out-of-band-emergency!

But fortunately, the update routine didn't fail because of me having the Print Spooler service disabled.
 
Joined
Mar 10, 2010
Messages
11,878 (2.21/day)
Location
Manchester uk
System Name RyzenGtEvo/ Asus strix scar II
Processor Amd R5 5900X/ Intel 8750H
Motherboard Crosshair hero8 impact/Asus
Cooling 360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s) Powercolour RX7900XT Reference/Rtx 2060
Storage Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s) Samsung UAE28"850R 4k freesync.dell shiter
Case Lianli 011 dynamic/strix scar2
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi/Asus stock
Mouse Roccat Kova/ Logitech G wireless
Keyboard Roccat Aimo 120
VR HMD Oculus rift
Software Win 10 Pro
Benchmark Scores 8726 vega 3dmark timespy/ laptop Timespy 6506
So there's reports the patch didn't work, anyone hear similar?!.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,473 (4.10/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Joined
Jun 29, 2018
Messages
537 (0.23/day)
The site you quoted states that it's not available from Windows/Microsoft Update, but from the Catalog instead. It also has the usual ESU eligibility comments. I guess the only way to know is to try installing it on a normal Win7 ;)

I've hear that is completely breaks printing on certain printer brands.
It requires the drivers to be signed by default now. Some aren't, but it can be changed according to KB5005010.
Actually strike that, it's not what that KB is about, my bad. It might be related, however, and a simple re-installation of the driver by an administrative user might fix the issue.
 
Joined
Jul 5, 2013
Messages
27,705 (6.66/day)
The site you quoted states that it's not available from Windows/Microsoft Update, but from the Catalog instead. It also has the usual ESU eligibility comments. I guess the only way to know is to try installing it on a normal Win7 ;)
It does have a lot of cross talk, but we will see. microsft often changes their minds and their site pages.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,473 (4.10/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
Actually strike that, it's not what that KB is about, my bad. It might be related, however, and a simple re-installation of the driver by an administrative user might fix the issue.
Nothing I could do with the driver would fix the issue, and the driver is definitely signed. The only option was to remove the update. The interesting thing is right after the reboot after uninstalling the update, right when I hit enter after typing the password, the printer started working and spitting out the jobs in the queue.

But I guess I should consider myself lucky, at least this update didn't cause a bluescreen every time a print job was sent to the printer like the update Microsoft released a few months ago.
 

Space Lynx

Astronaut
Joined
Oct 17, 2014
Messages
17,202 (4.66/day)
Location
Kepler-186f
Joined
Oct 22, 2014
Messages
14,084 (3.82/day)
Location
Sunshine Coast
System Name H7 Flow 2024
Processor AMD 5800X3D
Motherboard Asus X570 Tough Gaming
Cooling Custom liquid
Memory 32 GB DDR4
Video Card(s) Intel ARC A750
Storage Crucial P5 Plus 2TB.
Display(s) AOC 24" Freesync 1m.s. 75Hz
Mouse Lenovo
Keyboard Eweadn Mechanical
Software W11 Pro 64 bit

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
19,546 (2.86/day)
Location
PiteĂĄ
System Name White DJ in Detroit
Processor Ryzen 5 5600
Motherboard Asrock B450M-HDV
Cooling Be Quiet! Pure Rock 2
Memory 2 x 16GB Kingston Fury 3400mhz
Video Card(s) XFX 6950XT Speedster MERC 319
Storage Kingston A400 240GB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB
Display(s) Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case Fractal Design Define R4
Audio Device(s) Plantronics 5220, Nektar SE61 keyboard
Power Supply Corsair RM850x v3
Mouse Logitech G602
Keyboard Cherry MX Board 1.0 TKL Brown
Software Windows 10 Pro
Benchmark Scores Rimworld 4K ready!
The title is still correct though, they never claimed to have fixed it. :roll:

It appears to be another thing going on. The patch does fix it, but there's also a vulnerability in the PointAndPrint thing, which is not enabled by default.

"The demo shows that the update fails to fix vulnerable systems that use certain settings for a feature called point and print, which makes it easier for network users to obtain the printer drivers they need."

From the comments:

"Point and Print is not directly related to this vulnerability, but the technology weakens the local security posture in such a way that exploitation will be possible. To disallow Point and Print for non-administrators make sure that warning and elevation prompts are shown for printer installs and updates. The following registry keys are not present by default. Verify that the keys are not present or change the following registry values to 0 (zero):

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
NoWarningNoElevationOnInstall = 0 (DWORD)
NoWarningNoElevationOnUpdate = 0 (DWORD)"
 
Joined
Jul 10, 2017
Messages
2,671 (0.99/day)
Aww, was hoping they'd push it all the way back to Win95. :roll:

I have a functional, ancient one I still use on occasion to play some Chip's Challenge, nostalgia in Packard Bell Home, and a few real-old CD games that don't like Win7+ (those obscure, silly and sometimes junk games sold at office supply shops that were DOS/95 compatible).
Any news on 3.11?
 
Joined
Jul 5, 2013
Messages
27,705 (6.66/day)
It appears to be another thing going on. The patch does fix it, but there's also a vulnerability in the PointAndPrint thing, which is not enabled by default.

"The demo shows that the update fails to fix vulnerable systems that use certain settings for a feature called point and print, which makes it easier for network users to obtain the printer drivers they need."

From the comments:
That would make sense. In such a case manual mitigation will be required.
 
Joined
May 18, 2009
Messages
2,950 (0.52/day)
Location
MN
System Name Personal / HTPC
Processor Ryzen 5900x / Ryzen 5600X3D
Motherboard Asrock x570 Phantom Gaming 4 /ASRock B550 Phantom Gaming
Cooling Corsair H100i / bequiet! Pure Rock Slim 2
Memory 32GB DDR4 3200 / 16GB DDR4 3200
Video Card(s) EVGA XC3 Ultra RTX 3080Ti / EVGA RTX 3060 XC
Storage 500GB Pro 970, 250 GB SSD, 1TB & 500GB Western Digital / lots
Display(s) Dell - S3220DGF & S3222DGM 32"
Case CoolerMaster HAF XB Evo / CM HAF XB Evo
Audio Device(s) Logitech G35 headset
Power Supply 850W SeaSonic X Series / 750W SeaSonic X Series
Mouse Logitech G502
Keyboard Black Microsoft Natural Elite Keyboard
Software Windows 10 Pro 64 / Windows 10 Pro 64
Found out that the updates break printing over the network at my place of work. Had a few folks unable to print their reports and other stuff they needed to non-local printers. So, at the moment it's either the IT guy removes the updates or works on running cables directly from some printers to the computers that are supposed to print from.....

And because it's not me that is having to fix all this stupid crap, I find it hilarious.
 
Joined
Jul 5, 2013
Messages
27,705 (6.66/day)
Found out that the updates break printing over the network at my place of work. Had a few folks unable to print their reports and other stuff they needed to non-local printers. So, at the moment it's either the IT guy removes the updates or works on running cables directly from some printers to the computers that are supposed to print from.....

And because it's not me that is having to fix all this stupid crap, I find it hilarious.
Been having that same issue with a few test machines. We came up with a different solution after removing the update from the affected test system. We disconnected the network that have the printers from the internet. There are some issues, but at least we can do the jobs needed. It's actually more important for us to have printers than internet. We're gearing up to config two different networks, one with internet & no printers and the other connected to the printers without internet.
 
Joined
May 18, 2009
Messages
2,950 (0.52/day)
Location
MN
System Name Personal / HTPC
Processor Ryzen 5900x / Ryzen 5600X3D
Motherboard Asrock x570 Phantom Gaming 4 /ASRock B550 Phantom Gaming
Cooling Corsair H100i / bequiet! Pure Rock Slim 2
Memory 32GB DDR4 3200 / 16GB DDR4 3200
Video Card(s) EVGA XC3 Ultra RTX 3080Ti / EVGA RTX 3060 XC
Storage 500GB Pro 970, 250 GB SSD, 1TB & 500GB Western Digital / lots
Display(s) Dell - S3220DGF & S3222DGM 32"
Case CoolerMaster HAF XB Evo / CM HAF XB Evo
Audio Device(s) Logitech G35 headset
Power Supply 850W SeaSonic X Series / 750W SeaSonic X Series
Mouse Logitech G502
Keyboard Black Microsoft Natural Elite Keyboard
Software Windows 10 Pro 64 / Windows 10 Pro 64
Been having that same issue with a few test machines. We came up with a different solution after removing the update from the affected test system. We disconnected the network that have the printers from the internet. There are some issues, but at least we can do the jobs needed. It's actually more important for us to have printers than internet. We're gearing up to config two different networks, one with internet & no printers and the other connected to the printers without internet.

Sounds like you found a work around that's good. Not sure that's something the IT guy here would want to do or have time to do since one of the owners purchased a new company that ties into our line of business and he's had the IT guy over there doing all sorts of stuff, not to mention that he also has to run between three other sister companies to fix the network printer issues that popped up from these updates.
 
Joined
Feb 23, 2019
Messages
6,061 (2.89/day)
Location
Poland
Processor Ryzen 7 5800X3D
Motherboard Gigabyte X570 Aorus Elite
Cooling Thermalright Phantom Spirit 120 SE
Memory 2x16 GB Crucial Ballistix 3600 CL16 Rev E @ 3800 CL16
Video Card(s) RTX3080 Ti FE
Storage SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s) LG 34GN850P-B
Case SilverStone Primera PM01 RGB
Audio Device(s) SoundBlaster G6 | Fidelio X2 | Sennheiser 6XX
Power Supply SeaSonic Focus Plus Gold 750W
Mouse Endgame Gear XM1R
Keyboard Wooting Two HE
So from the sound of it looks like that KB simply disabled the group policy for Print Spooler to accept client connections.

Edit.
Nope, checked my VM and it's still set to "Not configured".
 
Joined
Feb 20, 2020
Messages
9,340 (5.38/day)
Location
Louisiana
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
So from the sound of it looks like that KB simply disabled the group policy for Print Spooler to accept client connections.

Edit.
Nope, checked my VM and it's still set to "Not configured".
Hi,
That was the easy fix if one had gp to use home users were hosed.
 
Joined
Jul 5, 2013
Messages
27,705 (6.66/day)
Sounds like you found a work around that's good. Not sure that's something the IT guy here would want to do or have time to do since one of the owners purchased a new company that ties into our line of business and he's had the IT guy over there doing all sorts of stuff, not to mention that he also has to run between three other sister companies to fix the network printer issues that popped up from these updates.
Ouch. Yeah that's a lot of work. I feel bad for the guy.
 
Top