• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Microsoft Acknowledges Severe, Unpatched, Actively Exploited Print Spooler Service Vulnerability "PrintNightmare"

Raevenlord

News Editor
Joined
Aug 12, 2016
Messages
3,755 (1.15/day)
Location
Portugal
System Name The Ryzening
Processor AMD Ryzen 9 5900X
Motherboard MSI X570 MAG TOMAHAWK
Cooling Lian Li Galahad 360mm AIO
Memory 32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s) Gigabyte RTX 3070 Ti
Storage Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s) Acer Nitro VG270UP (1440p 144 Hz IPS)
Case Lian Li O11DX Dynamic White
Audio Device(s) iFi Audio Zen DAC
Power Supply Seasonic Focus+ 750 W
Mouse Cooler Master Masterkeys Lite L
Keyboard Cooler Master Masterkeys Lite L
Software Windows 10 x64
Microsoft has acknowledged the existence of a severe and currently unpatched vulnerability in Windows' Print Spooler service (CVE-2021-34527). The vulnerability affects all versions of Windows, and is being actively exploited as per Microsoft. Poetically named "PrintNightmare", the vulnerability was published earlier this week as a PoC (Proof of Concept) exploit by security researchers, which believed the flaw had already been addressed by Microsoft at time of release (the company patched up another Print Spooler vulnerability issue with the June 2021 security patch). The code was made public and quickly scrapped when developers realized it gave would-be bad actors access to an unpatched way into users' systems - but since it's the Internet, the code had already been forked in GitHub.

The vulnerability isn't rated by the Windows developer as of yet, but it's one of the bad ones: it allows attackers to remotely execute code with system-level privileges. This is the ultimate level of security vulnerability that could exist. Microsoft is currently investigating the issue and developing a patch; however, given the urgency in closing down this exploit, the company is recommending disabling of the Windows Print Spooler service wherever possible, or at least disabling inbound remote printing through Group Policy. If you don't have a printer, just disable the service; if you do, please disable the Group Policy as per the steps outlined in the image below.



View at TechPowerUp Main Site
 
"PrintNightmare" lmao

I mean to be fair, printers were and always have been a nightmare. lol
 
I hope they don't break the print spooler like they did a year or two ago with a "security update" they pushed out.
 
Hi,
Yeah no need to be a server thanks for the heads up
 
I read about this like 8 days ago. But of course this is MS Pretty first before security. Pretty first before usablity. If MS was smart they would build a Linux build and make it look like Windows. Same thing they do with Edge lol chromium browser made to look like they made it.
 
And how has this anything to with it, as it isn't used yet?
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.
 
Last edited:
Hmm this is bad.

We just disabled this on all AD controllers at work.

And how has this anything to with it, as it isn't used yet?

Its not related this is just another I hate windows 11 post.
 
And how has this anything to with it, as it isn't used yet?
Hi,
Lots of insiders are using 11 some on main rigs so I believe that counts as relevant to the thread and a lot also have installed without all newer security features.
 
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.


Yeah I just don't see anything amazing happening this time around: just look at the decade MS has taken to replace all those Win95-era menus with Metro Design Language (still not done).

It will be Windows 13 before we actually have a cohesive TPM-based security system that will actually prevent gaping security holes like these from owning your system, and in the meantime my Haswell 4790k and Skylake 6500 systems tick all of the other Windows Eleventy requirements (both have a pcie 3.0 slot for installing an m.2 drive, bring-on the load speed-bump!)
 
Last edited:
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.

And the fact that windows 11 is still vulnerable to attack (which it will be given that it’s written in c and c++) suggests the onerous requirements (that will render many very capable systems as obsolete) is an anti-consumer move by Microsoft.

Because if your system doesn’t pass the windows 11 requirement, and you spend thousands of dollars to upgrade (thinking you need to do so in the name of ‘security’), your new shiny system would still be vulnerable to this zero day, and likely many other attacks.

So then, what is the point of rendering so many systems like intel 7th and 6th gen (which apparently have tpm2.0 firmware embedded into the processor) and some Ryzen first gen systems obsolete? The cost to upgrade far outweighs the security benefits (if any exist at all) gained by moving to windows 11. Especially in this upside down market with high prices and shortages of key pieces of equipment. Hopefully you can see see that.

MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.
 
MS never said that the TPM module will make Win11 the "most secure windows ever". That is something you are presenting as a fact. TMP module requirement is for solving part of the potential vulnerabilities. That doesn't mean you will be free from all of them.

There still few months before WIn11 is out. The requirements can change, in fact they were changing days after they were announced. You still have until 2025 to run Win10, MS is not making your PC uses junk if you are not on Win11.
Now it's up to you to decide if you want the new feature and the price for the upgrade is worth it. You could do it very cheaply with second hand Ryzen 2000 and a b450 mobo. Currently, the only shortages are for GPUs. I can buy all other parts at about normal price.
They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.

And how has this anything to with it, as it isn't used yet?
Because MS is fronting their security bona fides, and failing at it, repeatedly
 
They never said it, but the implication to require TPM was that security in Windows is a priority, and here we have a remotely exploitable vulnerability, its relevant and a joke at the same time.


Because MS is fronting their security bona fides, and failing at it, repeatedly

At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?
 
At the current state of things, the majority of software or hardware probably has some kind of vulnerability. So what do you want them to do?
TPM has excluded a bunch of hardware and not brought security. Also TPM isn't entirely secure either, alleged government backdoors to outright hacked, yet requiring it makes "old" hardware obsolete that otherwise would run the OS, and in either case, neither would be any more secure, because you have other attack vectors into the system. What would i have them do? Certainly don't stop trying to make it more secure, but it is fun to engage in a bit of Schadenfreude.
 
This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.
 
"PrintNightmare" lmao

I mean to be fair, printers were and always have been a nightmare. lol
Printers are a nightmare, which I think they could have used "pcloadletter" instead imho.

Just think, it could give some users the incentive they need to take their printer out to a field with a baseball bat :laugh:
 
Windows. It's that thing you're beta testing.
 
So, what anyone who switched from win7 to win10 just because of security reasons has to say now?
 
Print Spooler=Probably affects all versions of NT-based Windows, down to NT 5! (That also means Windows 2000 and Windows XP)
 
This is one of those exploits where most home users aren't going to be affected. So most people have nothing to worry about.
Probably, but it is a service many at home don't use either. So better be "safer" than potentially sorry.
 
The rather onerous requirements of windows 11 has been framed as being necessary for security reasons. Making it seem like windows 11 will be the most secure windows ever. Like Fort Knox. Yet, it’s already vulnerable to zero day flaws.
Hardware security may make some of us complacent, but it does nothing to protect us from signed code that is already bad. Which this, and nearly all security loopholes, are.

Yet another reason I am opposed to it.
 
printing is already a nightmare, cant distinguish between virus and printer fault as is. :P
 
So, what anyone who switched from win7 to win10 just because of security reasons has to say now?

Be more than one reason obviously, how ever if that was one of the reasons would depend on person to person but my reason was not due to any thing to security.
 
Thank cheap printers with shitty drivers with no on board memory of their own for this, the same set of exploits has been documented by myself and the team I was working in during XP beta and through Vista before I quit giving away time to MS in exchange for license keys and 10 year NDAs.
 
Back
Top