The patch KB5004945 for Windows 10 versions 2004, 20H1, and 21H1. A different KB patch is available for older versions of Windows 10, including versions 1809 and 1507. Patches are also available for Windows Server 2019 and for older versions of Windows and Windows Server, including KB5004954 for Windows 8.1 and Windows Server 2012 R2, and KB5004953 for Windows 7 and Windows Server 2008 R2. There are currently no patches for Windows 10 1607 or for Windows Server 2016 and 2012. They will follow later.
Unfortunately, even after applying the patch, it is still possible to perform a local privilege escalation. To prevent this, the system administrator can disable the Point & Print functionality. Microsoft has also released KB5005010, a patch that prevents new printer drivers from being installed just like that. In addition, Microsoft already published a work-around last week that disables Print Spooler to prevent exploitation.
More information about how to protect from this exploit can be found on the CVE by Microsoft
Please contact your IT service provider in order to patch the exploit and adapt a workaround until a permanent fix/patch is available
Tech Alert: Windows Print Spooler Remote Code Execution Vulnerability
Microsoft released mandatory security updates for several Windows versions including 10, 8.1, 7, and Server editions to patch the 'PrintNightmare' exploit.
We're here to listen.
Related articles
Efficient ABAP programming: How to work with Eclipse in SAP
Programming in SAP has changed a lot in recent years. For some years now, there has been the possibility to connect your company's or customer's SAP system...
Introducing the Expertum Application Model
In today's modern application development, it's becoming increasingly important to have proper state management and easy read/edit modes in apps. Expertum...
The switch to Daylight Saving Time in SAP
For most humans, the switch to Daylight Saving Time (26th of March at 02:00 in the morning) just means one hour less sleep. But for software applications,...
SAP Datasphere unleashed
SAP announced the evolution of SAP Data Warehouse Cloud (DWC) into SAP Datasphere during its ‘Data Unleashed’-digital event.
Running a native UI5 desktop application
Having a dedicated desktop application can improve the user experience. To achieve this, we want to use the
XP Recap: Innovation and Development @ SAP TechEd 2022
As stated by my colleague Lars van der Goes, SAP TechEd 2022 again was a mostly online event, only...