Microsoft has releases a new out of band patch KB5004945 to users running Windows 10 21H1, 20H2 and 2004. After installing it, you will have the following versions: Windows 10 2004 = 19041.1083, 20H2 = 19042.1083 and 21H1 = 19043.1083.
The patch replaces the previously released update, and finally resolves the Remote Code Execution Vulnerability in Windows Print Spooler. It is known as CVE-2021-34527 and 'PrintNightmare'.
More details can be found on this support page.
It is worth noting that similar patches are now available for Windows 8.1 and even for not supported Windows 7 and Windows Server 2008. Microsoft recommends all Windows users to update their computers as soon as possible.
Besides the CVE fix, there is one more issue resolved in this update.
After installing these and later Windows updates, non-administrators are only allowed to install signed print drivers to a print server. By default, administrators can install both signed and unsigned printer drivers to a print server. Signed drivers are trusted by the installed root certificates in the system’s Trusted Root Certification Authorities.
All the patches are available via Windows Update, and for manual download from the Microsoft Update Catalog and Windows Server Update Services (WSUS).
It is a good idea to update your devices as the remote code execution vulnerability is already being exploited in the wild.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!
Advertisеment
My step-dad refuses to update from Win10 1809 and the out-of-band fix for that version won’t apply… so any ideas what do we can do now other than disabling the print-spooler forever?
Here you go, Nighty!! Update for Win10 1809
https://www.catalog.update.microsoft.com/Search.aspx?q=KB5003646
Oh, well apparently the official fix doesn’t work anyway lol!
but it also removes flash player, which is not always wanted.