The patch KB5004945 for Windows 10 versions 2004, 20H1, and 21H1. A different KB patch is available for older versions of Windows 10, including versions 1809 and 1507. Patches are also available for Windows Server 2019 and for older versions of Windows and Windows Server, including KB5004954 for Windows 8.1 and Windows Server 2012 R2, and KB5004953 for Windows 7 and Windows Server 2008 R2. There are currently no patches for Windows 10 1607 or for Windows Server 2016 and 2012. They will follow later.
Unfortunately, even after applying the patch, it is still possible to perform a local privilege escalation. To prevent this, the system administrator can disable the Point & Print functionality. Microsoft has also released KB5005010, a patch that prevents new printer drivers from being installed just like that. In addition, Microsoft already published a work-around last week that disables Print Spooler to prevent exploitation.
More information about how to protect from this exploit can be found on the CVE by Microsoft
Please contact your IT service provider in order to patch the exploit and adapt a workaround until a permanent fix/patch is available
Tech Alert: Windows Print Spooler Remote Code Execution Vulnerability
Microsoft released mandatory security updates for several Windows versions including 10, 8.1, 7, and Server editions to patch the 'PrintNightmare' exploit.
We're here to listen.
Related articles
Artificial Intelligence in IT: best practices
In the previous blogposts we have explored the advantages and disadvantages of Artificial Intelligence (AI) and machine learning within IT, highlighting that...
How our implementation at Versuni succeeds through bringing business value to the enterprise by challenging business requirements
At the end of 2021, Expertum was asked by Philips Domestic Appliances to fulfil the role of solution architect with the responsibility for integrating...
Artificial Intelligence in IT: pitfalls and limitations
In the previous blog post, we have looked at Artificial intelligence (AI) and its potential within IT. Particularly, we have seen that the presence of AI and...
Artificial Intelligence within the IT: the benefits and its potential
In the last couple of years, Artificial Intelligence (AI) has drastically and permanently impacted our way of living. Think about face recognition that we...
HrUSKo Forum event presentation
On the 29th of November, the HrUSKo (The Croatian Association of the SAP User Group) Forum event was held in Zagreb, Croatia. Our expert, Samer Tomelieh,...
SAP Datasphere unleashed
SAP announced the evolution of SAP Data Warehouse Cloud (DWC) into SAP Datasphere during its ‘Data Unleashed’-digital event.