KB5004945 (out-of-band) fixes a printing vulnerability PrintNightmare

Microsoft has releases a new out of band patch KB5004945 to users running Windows 10 21H1, 20H2 and 2004. After installing it, you will have the following versions: Windows 10 2004 = 19041.1083, 20H2 = 19042.1083 and 21H1 = 19043.1083.

The patch replaces the previously released update, and finally resolves the Remote Code Execution Vulnerability in Windows Print Spooler. It is known as CVE-2021-34527 and 'PrintNightmare'.

More details can be found on this support page.

It is worth noting that similar patches are now available for Windows 8.1 and even for not supported Windows 7 and Windows Server 2008. Microsoft recommends all Windows users to update their computers as soon as possible.

Besides the CVE fix, there is one more issue resolved in this update.

After installing these and later Windows updates, non-administrators are only allowed to install signed print drivers to a print server. By default, administrators can install both signed and unsigned printer drivers to a print server. Signed drivers are trusted by the installed root certificates in the system’s Trusted Root Certification Authorities.

All the patches are available via Windows Update, and for manual download from the Microsoft Update Catalog and Windows Server Update Services (WSUS).

It is a good idea to update your devices as the remote code execution vulnerability is already being exploited in the wild.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options: