PrintNightmare is a severe kind of vulnerability all Windows 10 versions are affected from. Because of this, attackers find intrusion into Print Spooler Service and can create accounts having administrative privilege by passing codes through Remote Code Execution (RCE). The vulnerability is listed under CVE 2021 34527 and Microsoft seriously tracking this case. On 6 July 2021 Windows 10 has received patches to fix PrintNightmare.
The security patches bring a registry modification to Windows 10 editions to prohibit users (not admins) from installing unsigned printer drivers. You can run the registry change manually too to deal with this Vulnerability in Print Spooler Service. So you have 2 methods, first, installing KB5004945, KB5004946, or other updates to the respective version (this also includes 2 ways) or simply changing the registry. The later is more helpful when the Windows update for printing vulnerability failed to install.
Fix PrintNightmare vulnerability in Windows 10
Here is how to fix PrintNightmare vulnerability Error in Windows 10 –
Way-1: Receive 06 July 2021 Windows update
Since the updates for fixing the printing vulnerability have been rolled out to Windows 10 21H1, 20H2, v2004, v1909, and other versions and it will be automatically installed you are not needed to do much. If your system hasn’t installed then you can go to these posts according to your version – KB5004945 or KB5004946 and follow the method there. Alternatively, pursue the below steps –
- Press – Winkey.
- Type – updates.
- Click – Check for updates.
- After a while, when the update is downloaded completely, select – Restart now.
Way-2: Install the patch through Microsoft update catalog
In case, you fail to automatic install the emergency patch for PrintNightmare then go along with the underneath method –
- Click this link for Windows 10 21H1, 20H2, and 2004, or this link for 1909.
- Select the Download button for the file that is relevant to your system architecture.
- An isolated page will prompt; click the solitary link placed there.
- Once the downloading is finished, double-click the MSU file.
- You can see preparing for installation, click Yes on confirmation prompt.
In case, you are trying to disable the service go through – How to Disable/Enable Print Spooling Service Windows 10.
Way-3: Modify the Registry entry to fix PrintNightmare vulnerability in Windows 10
Attackers have penetrated the protection layer using unsigned printer drivers to find a way to Print Spooler service to execute unauthorized codes. To prevent this, non-admin users have not been permitted to install these types of drivers. You can modify the registry manually to restrict the installation of the unsigned driver by users via following instructions –
- Click the – Start.
- Type – regedit.
- Press – Enter.
- Copy the below string and paste the address bar of the Registry Editor –
HKEY_LOCAL_MACHINE \Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
- Hit the Enter key and go to the right pane.
- Right-click and select – New > DWORD (32-bit) Value.
- Replace New Value #1 with RestrictDriverInstallationToAdministrators.
- Double click on the value, set the Value data 0, and hit Enter.
- Reboot your PC or restart Windows Explorer.
Source – KB5005010.