Windows Print Spooler Security Vulnerability
Revision as of 20:32, 6 July 2021 by Steve410 (talk | contribs) (→Temporary Solution To Disable Accepting Print Client Connections... Until Microsoft Releases A Patch)
INTRO
- On 7/6/21, we were informed of a serious vulnerability in Windows's print spooler that would allow someone on your network (e.g., someone on the same VPN as you) to gain access to your Windows PC/laptop... if the Print Spooler is configured to accept print client connections. By default, it looks as though most systems are configured to accept print client connections (and those are typically used when someone on a Windows system wants to print to a printer that might be connected locally to your Windows system.) But, because that option might be active as a Windows default, your system may be vulnerable, and you must take action.
- Therefore, you must disable your system's ability to accept print client connections option right away, until Microsoft comes up with an official patch. Once Microsoft releases a patch, we are thinking it will probably become one of the Windows Updates that your PC will download at Updates time. As more information is made available, we will update this page. But, in the meantime, you will need to disable the print client connections option. We have included instructions below for you to do so.
- You may read about the vulnerability here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
Temporary Solution To Disable Accepting Print Client Connections... Until Microsoft Releases A Patch
- In your Windows search window, bottom left, type Edit Group Policy.
- Click on Edit Group Policy. If your system needs it, you will be prompted for your admin account credentials. This will bring up the Local Group Policy Editor.
- Click on the down arrow to the left of Computer Configuration on the left-hand pane. This will provide a drop-down of choices.
- Click on the down arrow to the left of Administrative Templates
- Click on Printers.
- Over on the right-hand pane, Double-click on Allow Print Spooler to accept client connections. (You might need to scroll towards the bottom to find it.) This brings up the the Allow Print Spooler to accept client connections. window.
- Click on Disabled, and hit OK. (If it was already set to Disabled, you're already done, just hit Cancel, and you may continue working on your system.)
- NOTE: If the option Not Configured is selected, by default, that also means that Allow Print Spooler to accept client connections is enabled, just as if Enabled was the active option. Unless you mark it as Disabled, the other options there mean it is Enabled.
- Exit out of the Local Group Policy Editor
- Reboot your system for this change to Disabled to take effect.
- Once Microsoft releases a patch, and you verify it has been installed, you can then choose to bring