What is PrintNightmare?
PrintNightmare is a vulnerability in Windows print servers where an attacker could run code with SYSTEM privileges on a Microsoft Windows computer. Click here to view the Microsoft point and print default behavior change blog.
What is Microsoft’s Approach?
Microsoft released an update on August 10, 2021, which prompts for an administrator username and password when a print driver is installed. While the update limits the amount of damage an attacker can cause, it did not completely fix the security issue.
How does this effect my network?
When a print driver is updated on a Windows print server, all computers on the network will receive a prompt for the IT department to enter an administrator username and password which allows for the print driver to be installed. Depending on the size of the network, users will not be able to print until all computers have been addressed.
If this patch gets installed on my network, what are my options?
This update is to address a real security issue. Until Microsoft completely fixes the security issue, there are limited options:
- Enter Username and Password when a driver is installed: Even though this is very inconvenient for users and IT, this process is to ensure drivers are not installed without your knowledge
- Temporarily Disable the Patch: Microsoft has a documented process to remove the administrator username and password prompt. Microsoft cautions this step as it reverses the security update. This process is to be used only when changing drivers or print hardware on the network. It is recommended to revert to the prior secure configuration once complete. See the reference article on Microsoft.com: Manage new point and print default driver installation behavior
- Eliminate Print Servers: Utilizing a cloud-based print management solution provides additional features beyond what a Windows print server can provide. By removing the local print server eliminates the bottlenecks that network administrators contend with while shifting to the cloud adds flexibility and security. If interested in this option, please reach out to your local UBEO representative to schedule a demo and discuss pricing.
How do I implement the above options?
Contact your internal or third-party IT department as PrintNightmare is a Windows operating system issue and not a print driver issue. The IT department knows the administrator username and password and how to manage Microsoft updates.
Erick Miller
Erick Miller has more than 20 years of experience in information technology management and serves as UBEO's VP of Technology Solutions. Erick oversees the Information Technology, Solutions and AV, ECM, and Managed Services teams. In his leadership, Erick holds firm to the belief that you are only good as your team so...