• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

What IT Pros Need To Know About The PrintNightmare Vulnerability

IT administrators are being warned of a new actively exploited and unpatched remote code execution vulnerability in Windows Print Spooler.

July 2, 2021 Zachary Comeau Leave a Comment

Microsoft January Patch Tuesday
wolterke/stock.adobe.com

IT administrators are being warned of an actively exploited remote code execution vulnerability in Windows Print Spooler that could allow an attacker to install programs, view or change data or create new accounts with full user rights.

The vulnerability is being referred to as PrintNightmare (CVE-2021-34527), which Microsoft says is slightly different from another vulnerability (CVE- 2021-1675) related to Windows Print Spooler with a different attack vector that was addressed in the June 2021 security update. The new vulnerability, however, is unpatched and is being actively exploited in the wild.

According to the CERT Coordination Center, the Print Spooler service fails to restrict access to RpcAddPrinterDriverEx() function, which is used to install a printer drive on a system.

According to Microsoft, the vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. A successful exploit could result in arbitrary code being run with SYSTEM privileges, and an attacker could then “install programs; view, change, or delete data; or create new accounts with full user rights,”

An attack must involve an authenticated user calling RpcAddPrinterDriverEx(), Microsoft said in a security update.

Read Next: Microsoft IDs Three Vulnerabilities In NETGEAR Routers

The company is urging users to apply security updates that were released on June 8 and disable the Print Spooler service, which will disable the ability to print both locally and remotely.

Another option Microsoft lays out is to disable inbound remote printing through Group Policy, which will block the attack vector by preventing inbound remote printing operations.

“The system will no longer function as a print server, but local printing to a directly attached device will still be possible,” the company says.

According to Microsoft, the vulnerability existed before the June security update, and all versions of Windows contain the vulnerable code, but it is not yet known if all versions of Windows are exploitable.

The CERT Coordinator said Microsoft’s update for CVE-2021-1675 does not protect Active Directory domain controllers or systems that have Point and Print configured with the NoWarningElecationOnInstall option configured.

The U.S. Cybersecurity and Infrastructure Agency is urging administrators to disable the service in Domain Controllers and systems that do not print.

According to The Verge, security researchers — perhaps mistakenly — published information about the new vulnerability before Microsoft could issue a patch.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cybersecurity, Microsoft, Vulnerability

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.