• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Microsoft Acknowledges Severe, Unpatched, Actively Exploited Print Spooler Service Vulnerability "PrintNightmare"

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.35/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
Microsoft has acknowledged the existence of a severe and currently unpatched vulnerability in Windows' Print Spooler service (CVE-2021-34527). The vulnerability affects all versions of Windows, and is being actively exploited as per Microsoft. Poetically named "PrintNightmare", the vulnerability was published earlier this week as a PoC (Proof of Concept) exploit by security researchers, which believed the flaw had already been addressed by Microsoft at time of release (the company patched up another Print Spooler vulnerability issue with the June 2021 security patch). The code was made public and quickly scrapped when developers realized it gave would-be bad actors access to an unpatched way into users' systems - but since it's the Internet, the code had already been forked in GitHub.

The vulnerability isn't rated by the Windows developer as of yet, but it's one of the bad ones: it allows attackers to remotely execute code with system-level privileges. This is the ultimate level of security vulnerability that could exist. Microsoft is currently investigating the issue and developing a patch; however, given the urgency in closing down this exploit, the company is recommending disabling of the Windows Print Spooler service wherever possible, or at least disabling inbound remote printing through Group Policy. If you don't have a printer, just disable the service; if you do, please disable the Group Policy as per the steps outlined in the image below.



View at TechPowerUp Main Site
 
Joined
May 18, 2009
Messages
2,733 (0.50/day)
Location
MN
System Name Personal / HTPC
Processor Ryzen 5900x / i5-4460
Motherboard Asrock x570 Phantom Gaming 4 /ASRock Z87 Extreme4
Cooling Corsair H100i / stock HSF
Memory 32GB DDR4 3200 / 8GB DDR3 1600
Video Card(s) EVGA XC3 Ultra RTX 3080Ti / EVGA RTX 3060 XC
Storage 500GB Samsung Pro 970, 250 GB SSD, 1TB & 500GB Western Digital / 2x 4TB & 1x 8TB WD Red
Display(s) Dell - S3220DGF 32" LED Curved QHD FreeSync Monitor / 50" LCD TV
Case CoolerMaster HAF XB Evo / CM HAF XB Evo
Power Supply 850W SeaSonic X Series / 750W SeaSonic X Series
Mouse Logitech G502
Keyboard Black Microsoft Natural Elite Keyboard
Software Windows 10 Pro 64 / Windows 10 Home 64
I hope they don't break the print spooler like they did a year or two ago with a "security update" they pushed out.
 
Joined
Feb 20, 2020
Messages
9,162 (6.11/day)
Location
Louisianna
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
Yeah no need to be a server thanks for the heads up
 
Joined
Jun 11, 2017
Messages
212 (0.09/day)
Location
Montreal Canada
I read about this like 8 days ago. But of course this is MS Pretty first before security. Pretty first before usablity. If MS was smart they would build a Linux build and make it look like Windows. Same thing they do with Edge lol chromium browser made to look like they made it.
 
Joined
Apr 24, 2021
Messages
251 (0.23/day)
And how has this anything to with it, as it isn't used yet?
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.
 
Last edited:
Joined
Feb 21, 2006
Messages
1,972 (0.30/day)
Location
Toronto, Ontario
System Name The Expanse
Processor AMD Ryzen 7 5800X3D
Motherboard Asus Prime X570-Pro BIOS 5003 AM4 AGESA V2 PI 1.2.0.B
Cooling Corsair H150i Pro
Memory 32GB GSkill Trident RGB DDR4-3200 14-14-14-34-1T (B-Die)
Video Card(s) AMD Radeon RX 7900 XTX 24GB (24.3.1)
Storage WD SN850X 2TB / Corsair MP600 1TB / Samsung 860Evo 1TB x2 Raid 0 / Asus NAS AS1004T V2 14TB
Display(s) LG 34GP83A-B 34 Inch 21: 9 UltraGear Curved QHD (3440 x 1440) 1ms Nano IPS 160Hz
Case Fractal Design Meshify S2
Audio Device(s) Creative X-Fi + Logitech Z-5500 + HS80 Wireless
Power Supply Corsair AX850 Titanium
Mouse Corsair Dark Core RGB SE
Keyboard Corsair K100
Software Windows 10 Pro x64 22H2
Benchmark Scores 3800X https://valid.x86.fr/1zr4a5 5800X https://valid.x86.fr/2dey9c
Hmm this is bad.

We just disabled this on all AD controllers at work.

And how has this anything to with it, as it isn't used yet?

Its not related this is just another I hate windows 11 post.
 
Joined
Feb 20, 2020
Messages
9,162 (6.11/day)
Location
Louisianna
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
And how has this anything to with it, as it isn't used yet?
Hi,
Lots of insiders are using 11 some on main rigs so I believe that counts as relevant to the thread and a lot also have installed without all newer security features.
 
Joined
Aug 6, 2020
Messages
729 (0.55/day)
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.


Yeah I just don't see anything amazing happening this time around: just look at the decade MS has taken to replace all those Win95-era menus with Metro Design Language (still not done).

It will be Windows 13 before we actually have a cohesive TPM-based security system that will actually prevent gaping security holes like these from owning your system, and in the meantime my Haswell 4790k and Skylake 6500 systems tick all of the other Windows Eleventy requirements (both have a pcie 3.0 slot for installing an m.2 drive, bring-on the load speed-bump!)
 
Last edited:
Joined
Aug 23, 2013
Messages
453 (0.12/day)
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.

MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.
 
Joined
May 25, 2014
Messages
243 (0.07/day)
MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.
They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.

And how has this anything to with it, as it isn't used yet?
Because MS is fronting their security bona fides, and failing at it, repeatedly
 
Joined
Aug 23, 2013
Messages
453 (0.12/day)
They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.


Because MS is fronting their security bona fides, and failing at it, repeatedly

At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?
 
Joined
May 25, 2014
Messages
243 (0.07/day)
At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?
TPM has excluded a bunch of hardware and not brought security. Also TPM isn't entirely secure either, alleged government backdoors to outright hacked, yet requiring it makes "old" hardware obsolete that otherwise would run the OS, and in either case, neither would be any more secure, because you have other attack vectors into the system. What would i have them do? Certainly don't stop trying to make it more secure, but it is fun to engage in a bit of Schadenfreude.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.
 
Joined
Oct 7, 2018
Messages
116 (0.06/day)
Location
Pennsylvania, USA
Processor AMD Ryzen 5900X
Motherboard MSI MAG B550 Mortar
Cooling ARCTIC COOLING Liquid Freezer II 240
Memory G.SKILL Flare X Series 32GB (4 x 8GB) 288-Pin DDR4 SDRAM DDR4 3200
Video Card(s) EVGA GeForce GTX 2080 FTW3 Ultra, 08G-P4-2287-KR, 8GB GDDR6
Storage 1 x Samsung 980 PRO 500G | 1 x Mushkin Enhanced Pilot-E M.2 2280 2TB | 2 x 1TB WD10EADS
Display(s) 1 x ASUS ROG PG259QNR, 1 x Dell ST2421L
Case Lian Li O11D MINI-X
Audio Device(s) SteelSeries Arctis 5
Power Supply Seasonic FOCUS SGX-650, 650W
Mouse Mionix NAOS QG
Keyboard SteelSeries Apex Pro
Software Windows 10 Pro 21H1
"PrintNightmare" lmao

I mean to be fair, printers were and always have been a nightmare. lol
Printers are a nightmare, which I think they could have used "pcloadletter" instead imho.

Just think, it could give some users the incentive they need to take their printer out to a field with a baseball bat :laugh:
 
Joined
Apr 15, 2009
Messages
1,007 (0.18/day)
Processor Ryzen 9 5900X
Motherboard Gigabyte X570 Aorus Master
Cooling ARCTIC Liquid Freezer II 360 A-RGB
Memory 32 GB Ballistix Elite DDR4-3600 CL16
Video Card(s) XFX 6800 XT Speedster Merc 319 Black
Storage Sabrent Rocket NVMe 4.0 1TB
Display(s) LG 27GL850B x 2 / ASUS MG278Q
Case be quiet! Silent Base 802
Audio Device(s) Sound Blaster AE-7 / Sennheiser HD 660S
Power Supply Seasonic Prime 750W Titanium
Software Windows 11 Pro 64
Windows. It's that thing you're beta testing.
 
Joined
Apr 30, 2011
Messages
2,648 (0.56/day)
Location
Greece
Processor AMD Ryzen 5 5600@80W
Motherboard MSI B550 Tomahawk
Cooling ZALMAN CNPS9X OPTIMA
Memory 2*8GB PATRIOT PVS416G400C9K@3733MT_C16
Video Card(s) Sapphire Radeon RX 6750 XT Pulse 12GB
Storage Sandisk SSD 128GB, Kingston A2000 NVMe 1TB, Samsung F1 1TB, WD Black 10TB
Display(s) AOC 27G2U/BK IPS 144Hz
Case SHARKOON M25-W 7.1 BLACK
Audio Device(s) Realtek 7.1 onboard
Power Supply Seasonic Core GC 500W
Mouse Sharkoon SHARK Force Black
Keyboard Trust GXT280
Software Win 7 Ultimate 64bit/Win 10 pro 64bit/Manjaro Linux
So, what anyone who switched from win7 to win10 just because of security reasons has to say now?
 
Joined
Oct 15, 2011
Messages
1,920 (0.42/day)
Location
Springfield, Vermont
System Name KHR-1
Processor Ryzen 9 5900X
Motherboard ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory 32 GB G.Skill RipJawsV F4-3200C16D-32GVR
Video Card(s) Sapphire Nitro+ Radeon RX 6750 XT
Storage Western Digital Black SN850 1 TB NVMe SSD
Display(s) Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case Corsair 275R
Audio Device(s) Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply eVGA Supernova G3 750W
Mouse Logitech G Pro (Hero)
Software Windows 11 Pro x64 23H2
Print Spooler=Probably affects all versions of NT-based Windows, down to NT 5! (That also means Windows 2000 and Windows XP)
 
Joined
Mar 9, 2021
Messages
301 (0.27/day)
System Name Back in Black
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk
Cooling ID-Cooling SE-224-XT Black
Memory Corsair Vengeance LPX 16GB (2x8) 3000mhz C15
Video Card(s) Asus Rog Strix GTX 1070 TI Advanced Edition
Storage Crucial MX500 500GB / Solidigm P41 Plus 1TB
Display(s) Samsung 32" TV 1080p
Case Montech Air X Black
Power Supply Thermaltake Toughpower GF1 750W Gold
Mouse Redragon M711 Cobra
Keyboard Corsair K55
This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.
Probably, but it is a service many at home don't use either. So better be "safer" than potentially sorry.
 
Joined
Aug 20, 2007
Messages
20,710 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.
Hardware security may make some of us complacent, but it does nothing to protect us from signed code that is already bad. Which this, and nearly all security loopholes, are.

Yet another reason I am opposed to it.
 

Solaris17

Super Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
25,776 (3.79/day)
Location
Alabama
System Name Rocinante
Processor I9 14900KS
Motherboard EVGA z690 Dark KINGPIN (modded BIOS)
Cooling EK-AIO Elite 360 D-RGB
Memory 64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s) MSI SUPRIM Liquid X 4090
Storage 1x 500GB 980 Pro | 1x 1TB 980 Pro | 1x 8TB Corsair MP400
Display(s) Odyssey OLED G9 G95SC
Case Lian Li o11 Evo Dynamic White
Audio Device(s) Moondrop S8's on Schiit Hel 2e
Power Supply Bequiet! Power Pro 12 1500w
Mouse Lamzu Atlantis mini (White)
Keyboard Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD Quest 3
Software Windows 11
Benchmark Scores I dont have time for that.
printing is already a nightmare, cant distinguish between virus and printer fault as is. :p
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
18,851 (3.08/day)
Location
UK\USA
Processor AMD 3900X \ AMD 7700X
Motherboard ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling D15
Memory Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s) eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s) Samsung 1080P \ LG 43UN700
Case Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s) Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 Infinity RS4000\Paradigm P Studio 20, Blue Yeti
Power Supply Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard Logitech K120 \ Wooting Two HE
Benchmark Scores Meh benchmarks.
So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

Be more than one reason obviously, how ever if that was one of the reasons would depend on person to person but my reason was not due to any thing to security.
 
Joined
Nov 4, 2005
Messages
11,655 (1.73/day)
System Name Compy 386
Processor 7800X3D
Motherboard Asus
Cooling Air for now.....
Memory 64 GB DDR5 6400Mhz
Video Card(s) 7900XTX 310 Merc
Storage Samsung 990 2TB, 2 SP 2TB SSDs and over 10TB spinning
Display(s) 56" Samsung 4K HDR
Audio Device(s) ATI HDMI
Mouse Logitech MX518
Keyboard Razer
Software A lot.
Benchmark Scores Its fast. Enough.
Thank cheap printers with shitty drivers with no on board memory of their own for this, the same set of exploits has been documented by myself and the team I was working in during XP beta and through Vista before I quit giving away time to MS in exchange for license keys and 10 year NDAs.
 
Top