Tech Alert: Windows Print Spooler Remote Code Execution Vulnerability

Photo of Louis Baetens

Written by Louis Baetens in Technology


Microsoft released mandatory security updates for several Windows versions including 10, 8.1, 7, and Server editions to patch the 'PrintNightmare' exploit.

Shutterstock 146024273

The patch KB5004945 for Windows 10 versions 2004, 20H1, and 21H1. A different KB patch is available for older versions of Windows 10, including versions 1809 and 1507. Patches are also available for Windows Server 2019 and for older versions of Windows and Windows Server, including KB5004954 for Windows 8.1 and Windows Server 2012 R2, and KB5004953 for Windows 7 and Windows Server 2008 R2. There are currently no patches for Windows 10 1607 or for Windows Server 2016 and 2012. They will follow later.

Unfortunately, even after applying the patch, it is still possible to perform a local privilege escalation. To prevent this, the system administrator can disable the Point & Print functionality. Microsoft has also released KB5005010, a patch that prevents new printer drivers from being installed just like that. In addition, Microsoft already published a work-around last week that disables Print Spooler to prevent exploitation.

More information about how to protect from this exploit can be found on the CVE by Microsoft

Please contact your IT service provider in order to patch the exploit and adapt a workaround until a permanent fix/patch is available

We're here to listen.
Get in touch with us.

About the author

Photo of Louis Baetens
Louis Baetens

Louis Baetens is an IT professional with broad system and networking experience. After gaining extensive knowledge as a System Engineer, he decided to specialize within SAP BC and focus on SAP NetWeaver and SAP S/4HANA environments. He is now a skilled SAP Basis/support Consultant with an extended knowledge of SAP support for different types of SAP systems on AIX, Linux and Windows servers.

Read more articles by Louis Baetens

Related articles