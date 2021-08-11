With Windows August 2021 Patch, Microsoft Fixes PrintNightmare.

Microsoft has now issued the Windows 10 August 2021 Patch Tuesday security update, which includes a fix for the PrintNightmare vulnerability.

Microsoft released a patch on Wednesday that finally fixed the PrintNightmare vulnerability that has been plaguing Windows 10 users for weeks. According to Windows Central, the update needs the user to have administrative capabilities before being able to use the Point and Print tool to install printer drivers.

“Today, we’re addressing this risk by requiring administrator access to install and update Point and Print drivers by default. In a blog post, Microsoft stated that “installing this update with default settings will mitigate the publicly disclosed vulnerabilities in the Windows Print Spooler service.”

A security researcher accidentally published the PrintNightmare vulnerability, a zero-day Windows print spooler vulnerability, in June. By permitting remote code execution, the flaw may possibly grant local SYSTEM rights.

The vulnerability could pose a major security risk to devices if it is exploited, as users with low rights can use SYSTEM privileges to open a command prompt. This allows them immediate control and access to a gadget.

After investigating the situation, Microsoft got to the conclusion that the PrintNightmare vulnerability is related to the security level of the Point and Print function. The default functionality of the feature, according to the software giant, does not provide enough protection to safeguard users from potential assaults.

In July, Microsoft released an emergency patch to fix the PrintNightmare zero-day vulnerability. The fix, however, did not fully resolve the problem because it did not prevent the local elevation of some privileges.

“Thank you for a great #patchtuesday, Microsoft, but did you forget something for #printnightmare?

Still SYSTEM from a regular user…

(I could be missing something, but the #mimikatz mimispool library continues to load… ) pic.twitter.com/OWOlyLWhHI”

Researchers discovered a means to get past the July emergency upgrade earlier in August. A security researcher named Benjamin Delpy uncovered multiple ways to get around the patch and exploit the PrintNightmare flaw.

Delpy discovered a print server that could install a print driver. The driver can start a Dynamic Link Library that grants SYSTEM privileges to users.

CVE-2021-34481 is the name of the update, which has been provided for all versions of Windows. Users of Windows PCs are urged to update their computers as soon as possible, according to Microsoft.

Users who want to provide non-elevated users access to the Point and Print feature can do so with a registry key, according to Digital Trends.