Microsoft has released out-of-band updates to fix the “PrintNightmare” remote code execution exploit in the Windows Print Spooler service. Emergency patches are now available for all versions of Windows including Windows 10, Windows 7, Windows Server 2008, and Windows 8.1, and Microsoft is recommending all Windows users to install the patches as soon as possible.
An Out-of-band update has been released to address a remote code execution exploit in the Windows Print Spooler service. We recommend you update your device as soon as possible. https://t.co/Sgf3gayN8o
— Windows Update (@WindowsUpdate) July 6, 2021
In addition to addressing the public vulnerability, the emergency fixes also include a new feature to restrict the installation of new printer drivers on Windows PCs:
After installing these and later Windows updates, non-administrators are only allowed to install signed print drivers to a print server. By default, administrators can install both signed and unsigned printer drivers to a print server. Signed drivers are trusted by the installed root certificates in the system’s Trusted Root Certification Authorities.
If you’re running Windows 10 version 2004, 20H2, or 21H1 on your PC, you’ll get the same KB5004945 patch via Windows Update. The patches for all versions of Windows are also available to download on the Microsoft Update Catalog and Windows Server Update Services (WSUS), and Microsoft recommends installing them as soon as possible as the remote code execution vulnerability is already being exploited by attackers.