Microsoft Acknowledges Severe, Unpatched, Actively Exploited Print Spooler Service Vulnerability "PrintNightmare"

Raevenlord · Jul 2, 2021

Microsoft has acknowledged the existence of a severe and currently unpatched vulnerability in Windows' Print Spooler service (CVE-2021-34527). The vulnerability affects all versions of Windows, and is being actively exploited as per Microsoft. Poetically named "PrintNightmare", the vulnerability was published earlier this week as a PoC (Proof of Concept) exploit by security researchers, which believed the flaw had already been addressed by Microsoft at time of release (the company patched up another Print Spooler vulnerability issue with the June 2021 security patch). The code was made public and quickly scrapped when developers realized it gave would-be bad actors access to an unpatched way into users' systems - but since it's the Internet, the code had already been forked in GitHub.

The vulnerability isn't rated by the Windows developer as of yet, but it's one of the bad ones: it allows attackers to remotely execute code with system-level privileges. This is the ultimate level of security vulnerability that could exist. Microsoft is currently investigating the issue and developing a patch; however, given the urgency in closing down this exploit, the company is recommending disabling of the Windows Print Spooler service wherever possible, or at least disabling inbound remote printing through Group Policy. If you don't have a printer, just disable the service; if you do, please disable the Group Policy as per the steps outlined in the image below.

View at TechPowerUp Main Site

Space Lynx · Jul 2, 2021

"PrintNightmare" lmao

I mean to be fair, printers were and always have been a nightmare. lol

neatfeatguy · Jul 2, 2021

I hope they don't break the print spooler like they did a year or two ago with a "security update" they pushed out.

ThrashZone · Jul 2, 2021

Hi,
Yeah no need to be a server thanks for the heads up

Lycanwolfen · Jul 2, 2021

I read about this like 8 days ago. But of course this is MS Pretty first before security. Pretty first before usablity. If MS was smart they would build a Linux build and make it look like Windows. Same thing they do with Edge lol chromium browser made to look like they made it.

Nanochip · Jul 2, 2021

All versions of windows eh? How’s that TPM2.0 working out for ya?

Mysteoa · Jul 2, 2021

Nanochip said:
All versions of windows eh? How’s that TPM2.0 working out for ya?

And how has this anything to with it, as it isn't used yet?

Nanochip · Jul 2, 2021

Mysteoa said:
And how has this anything to with it, as it isn't used yet?

The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.

Makaveli · Jul 2, 2021

Hmm this is bad.

We just disabled this on all AD controllers at work.

Mysteoa said:
And how has this anything to with it, as it isn't used yet?

Its not related this is just another I hate windows 11 post.

ThrashZone · Jul 2, 2021

Mysteoa said:
And how has this anything to with it, as it isn't used yet?

Hi,
Lots of insiders are using 11 some on main rigs so I believe that counts as relevant to the thread and a lot also have installed without all newer security features.

defaultluser · Jul 2, 2021

Nanochip said:
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.

Yeah I just don't see anything amazing happening this time around: just look at the decade MS has taken to replace all those Win95-era menus with Metro Design Language (still not done).

It will be Windows 13 before we actually have a cohesive TPM-based security system that will actually prevent gaping security holes like these from owning your system, and in the meantime my Haswell 4790k and Skylake 6500 systems tick all of the other Windows Eleventy requirements (both have a pcie 3.0 slot for installing an m.2 drive, bring-on the load speed-bump!)

Mysteoa · Jul 2, 2021

Nanochip said:
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.

MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.

Dr_b_ · Jul 2, 2021

Mysteoa said:
MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.

They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.

Mysteoa said:
And how has this anything to with it, as it isn't used yet?

Because MS is fronting their security bona fides, and failing at it, repeatedly

Mysteoa · Jul 2, 2021

Dr_b_ said:
They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.

Because MS is fronting their security bona fides, and failing at it, repeatedly

At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?

Dr_b_ · Jul 2, 2021

Mysteoa said:
At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?

TPM has excluded a bunch of hardware and not brought security. Also TPM isn't entirely secure either, alleged government backdoors to outright hacked, yet requiring it makes "old" hardware obsolete that otherwise would run the OS, and in either case, neither would be any more secure, because you have other attack vectors into the system. What would i have them do? Certainly don't stop trying to make it more secure, but it is fun to engage in a bit of Schadenfreude.

newtekie1 · Jul 2, 2021

This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.

5 o'clock Charlie · Jul 2, 2021

lynx29 said:
"PrintNightmare" lmao

I mean to be fair, printers were and always have been a nightmare. lol

Printers are a nightmare, which I think they could have used "pcloadletter" instead imho.

Just think, it could give some users the incentive they need to take their printer out to a field with a baseball bat :laugh:

Divide Overflow · Jul 2, 2021

Windows. It's that thing you're beta testing.

HD64G · Jul 2, 2021

So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

RJARRRPCGP · Jul 2, 2021

Print Spooler=Probably affects all versions of NT-based Windows, down to NT 5! (That also means Windows 2000 and Windows XP)

Udyr · Jul 2, 2021

newtekie1 said:
This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.

Probably, but it is a service many at home don't use either. So better be "safer" than potentially sorry.

R-T-B · Jul 2, 2021

Nanochip said:
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

Hardware security may make some of us complacent, but it does nothing to protect us from signed code that is already bad. Which this, and nearly all security loopholes, are.

Yet another reason I am opposed to it.

Solaris17 · Jul 2, 2021

printing is already a nightmare, cant distinguish between virus and printer fault as is.

AsRock · Jul 3, 2021

HD64G said:
So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

Be more than one reason obviously, how ever if that was one of the reasons would depend on person to person but my reason was not due to any thing to security.

Steevo · Jul 3, 2021

Thank cheap printers with shitty drivers with no on board memory of their own for this, the same set of exploits has been documented by myself and the team I was working in during XP beta and through Vista before I quit giving away time to MS in exchange for license keys and 10 year NDAs.

System Name	The Ryzening
Processor	AMD Ryzen 9 5900X
Motherboard	MSI X570 MAG TOMAHAWK
Cooling	Lian Li Galahad 360mm AIO
Memory	32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s)	Gigabyte RTX 3070 Ti
Storage	Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s)	Acer Nitro VG270UP (1440p 144 Hz IPS)
Case	Lian Li O11DX Dynamic White
Audio Device(s)	iFi Audio Zen DAC
Power Supply	Seasonic Focus+ 750 W
Mouse	Cooler Master Masterkeys Lite L
Keyboard	Cooler Master Masterkeys Lite L
Software	Windows 10 x64

Processor	7800X3D -25 all core
Motherboard	B650 Steel Legend
Cooling	RZ620 (White/Silver)
Memory	32gb ddr5 (2x16) cl 30 6000
Video Card(s)	Merc 310 7900 XT @3200 core -.75v
Display(s)	Agon QHD 27" QD-OLED Glossy 240hz
Case	NZXT H710 (Black/Red)
Power Supply	Corsair RM850x

System Name	Personal / HTPC
Processor	Ryzen 5900x / Ryzen 5600X3D
Motherboard	Asrock x570 Phantom Gaming 4 /ASRock B550 Phantom Gaming
Cooling	Corsair H100i / bequiet! Pure Rock Slim 2
Memory	32GB DDR4 3200 / 16GB DDR4 3200
Video Card(s)	EVGA XC3 Ultra RTX 3080Ti / EVGA RTX 3060 XC
Storage	500GB Pro 970, 250 GB SSD, 1TB & 500GB Western Digital / lots
Display(s)	Dell - S3220DGF & S3222DGM 32"
Case	Titan Silent 2 / CM HAF XB Evo
Audio Device(s)	Logitech G35 headset
Power Supply	850W SeaSonic X Series / 750W SeaSonic X Series
Mouse	Logitech G502
Keyboard	Black Microsoft Natural Elite Keyboard
Software	Windows 10 Pro 64 / Windows 10 Pro 64

System Name	Ghetto Rigs z490\|x99\|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor	10900k w/Optimus Foundation \| 5930k w/Black Noctua D15
Motherboard	z490 Maximus XII Apex \| x99 Sabertooth
Cooling	oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block \| Blk D15
Memory	Trident-Z Royal 4000c16 2x16gb \| Trident-Z 3200c14 4x8gb
Video Card(s)	Titan Xp-water \| evga 980ti gaming-w/ air
Storage	970evo+500gb & sn850x 4tb \| 860 pro 256gb \| Acer m.2 1tb/ sn850x 4tb\| Many2.5" sata's ssd 3.5hdd's
Display(s)	1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case	D450 \| Cherry Entertainment center on Test bench
Audio Device(s)	Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply	EVGA 1000P2 with APC AX1500 \| 850P2 with CyberPower-GX1325U
Mouse	Redragon 901 Perdition x3
Keyboard	G710+x3
Software	Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores	Are in the benchmark section

System Name	The Expanse
Processor	AMD Ryzen 7 9800X3D
Motherboard	Asus Prime X670E-Pro Wifi BIOS 3222 AGESA PI 1.2.0.3a
Cooling	Corsair H150i Elite LCD XT
Memory	64GB G.SKILL Trident Z5 Neo RGB DDR5 6000 CL 30-40-40-96 1T
Video Card(s)	XFX Radeon RX 7900 XTX Magnetic Air (25.6.1)
Storage	WD SN850X 2TB / Corsair MP600 1TB / Samsung 860Evo 1TB x2 Raid 0 / Asus NAS AS1004T V2 20TB
Display(s)	LG 34GP83A-B 34 Inch 21: 9 UltraGear Curved QHD (3440 x 1440) 1ms Nano IPS 160Hz
Case	Fractal Design Meshify S2
Audio Device(s)	Creative X-Fi + Logitech Z-5500 + HS80 Wireless
Power Supply	Corsair AX850 Titanium
Mouse	Corsair Dark Core RGB SE
Keyboard	Corsair K100
Software	Windows 10 Pro x64 22H2
Benchmark Scores	https://valid.x86.fr/asijsu https://browser.geekbench.com/v6/cpu/11073923

Microsoft Acknowledges Severe, Unpatched, Actively Exploited Print Spooler Service Vulnerability "PrintNightmare"

Raevenlord

News Editor

Space Lynx

Astronaut

neatfeatguy

ThrashZone

Lycanwolfen

Nanochip

Mysteoa

Nanochip

Makaveli

ThrashZone

defaultluser

Mysteoa

Dr_b_

Mysteoa

Dr_b_

newtekie1

Semi-Retired Folder

5 o'clock Charlie

Divide Overflow

HD64G

RJARRRPCGP

Udyr

R-T-B

Solaris17

Super Dainty Moderator

AsRock

TPU addict

Steevo

Processor	Intel Core i7 10850K@5.2GHz
Motherboard	AsRock Z470 Taichi
Cooling	Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory	32GB DDR4-3600
Video Card(s)	RTX 2070 Super
Storage	500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s)	Acer Nitro VG280K 4K 28"
Case	Fractal Design Define S
Audio Device(s)	Onboard is good enough for me
Power Supply	eVGA SuperNOVA 1000w G3
Software	Windows 10 Pro x64

Processor	AMD Ryzen 5900X
Motherboard	MSI MAG B550 Mortar
Cooling	ARCTIC COOLING Liquid Freezer II 240
Memory	G.SKILL Flare X Series 64GB (4 x 16GB) 288-Pin DDR4 SDRAM DDR4 3200
Video Card(s)	MSI 4070 Super Gaming X Slim 12GB
Storage	1 x Samsung 980 PRO 500G \| 1 x Mushkin Enhanced Pilot-E M.2 2280 2TB \| 2 x 1TB WD10EADS
Display(s)	1 x ASUS ROG PG27AQN, 1 x Dell ST2421L
Case	Lian Li O11D MINI-X
Audio Device(s)	SteelSeries Arctis 5
Power Supply	Seasonic FOCUS SGX-650, 650W
Mouse	Mionix NAOS QG
Keyboard	SteelSeries Apex Pro
Software	Windows 10 Pro 22H2

Processor	Ryzen 9 5900X
Motherboard	Gigabyte X570 Aorus Master
Cooling	ARCTIC Liquid Freezer III 360 A-RGB
Memory	32 GB Ballistix Elite DDR4-3600 CL16
Video Card(s)	ASRock 9070 XT Taichi OC
Storage	Sabrent Rocket NVMe 4.0 2TB
Display(s)	LG 27GL850B x 2 / ASUS MG278Q
Case	be quiet! Silent Base 802
Audio Device(s)	Sound Blaster AE-7 / Sennheiser HD 660S
Power Supply	Seasonic Vertex PX-1200
Software	Windows 11 Pro 64

Processor	AMD Ryzen 5 5600@80W
Motherboard	MSI B550 Tomahawk
Cooling	ZALMAN CNPS9X OPTIMA
Memory	2*8GB PATRIOT PVS416G400C9K@3733MT_C16
Video Card(s)	Sapphire Radeon RX 6750 XT Pulse 12GB
Storage	Sandisk SSD 128GB, Kingston A2000 NVMe 1TB, Samsung F1 1TB, WD Black 10TB
Display(s)	AOC 27G2U/BK IPS 144Hz
Case	SHARKOON M25-W 7.1 BLACK
Audio Device(s)	Realtek 7.1 onboard
Power Supply	Seasonic Core GC 500W
Mouse	Sharkoon SHARK Force Black
Keyboard	Trust GXT280
Software	Win 7 Ultimate 64bit/Win 10 pro 64bit/Manjaro Linux

System Name	KHR-1
Processor	Ryzen 9 5900X
Motherboard	ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory	64 GB G.Skill RipJaws V F4-3200C16D-64GVK
Video Card(s)	Sparkle Titan Arc A770 16 GB
Storage	Samsung 990 Pro 1 TB NVMe SSD
Display(s)	Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case	Corsair 275R
Audio Device(s)	Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply	eVGA Supernova G3 750W
Mouse	Logitech G Pro (Hero)
Software	Windows 11 Pro x64 24H2

System Name	Back in Black
Processor	Ryzen 7 5700X
Motherboard	MSI B550 Tomahawk Max WIFI
Cooling	ID-Cooling SE-224-XT Black
Memory	ADATA XPG 16GB (2x8) 3200mhz C16
Video Card(s)	XFX RX 6700 XT Speedster Merc 319 _larry Edition
Storage	Solidigm P41 Plus 1TB / Crucial MX500 500GB
Display(s)	Samsung 32" TV 1080p
Case	Montech Air X Black
Power Supply	Thermaltake Toughpower GF1 750W Gold
Mouse	Redragon M711 Cobra
Keyboard	Corsair K55

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	64GB (2x 32GB) G.Skill Flare X5 @ DDR5-6200(Running 1T no GDM)
Video Card(s)	PNY RTX 5080 OC
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W 80Plus Titanium PSU
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11 Enterprise (yes it's legit)

System Name	RogueOne
Processor	Xeon W9-3495x
Motherboard	ASUS w790E Sage SE
Cooling	SilverStone XE360-4677
Memory	128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s)	MSI SUPRIM Liquid 5090
Storage	1x 2TB WD SN850X \| 2x 8TB GAMMIX S70
Display(s)	49" Philips Evnia OLED (49M2C8900)
Case	Thermaltake Core P3 Pro Snow
Audio Device(s)	Moondrop S8's on Schitt Gunnr
Power Supply	Seasonic Prime TX-1600
Mouse	Razer Viper mini signature edition (mercury white)
Keyboard	Wooting 80 HE White, Gateron Jades
VR HMD	Quest 3
Software	Windows 11 Pro Workstation
Benchmark Scores	I dont have time for that.

Processor	AMD 3900X \ AMD 7700X
Motherboard	ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling	D15
Memory	Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s)	eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage	Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s)	Samsung 1080P \ LG 43UN700
Case	Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s)	Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 \Paradigm 7se MKII, Paradigm 5SE MK1 , Blue Yeti
Power Supply	Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse	Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard	Logitech K120 \ Wooting Two HE
Benchmark Scores	Meh benchmarks.

System Name	Compy 386
Processor	7800X3D
Motherboard	Asus
Cooling	Air for now.....
Memory	64 GB DDR5 6400Mhz
Video Card(s)	7900XTX 310 Merc
Storage	Samsung 990 2TB, 2 SP 2TB SSDs, 24TB Enterprise drives
Display(s)	55" Samsung 4K HDR
Audio Device(s)	ATI HDMI
Mouse	Logitech MX518
Keyboard	Razer
Software	A lot.
Benchmark Scores	Its fast. Enough.