Microsoft Releases More Updates For Windows ‘PrintNightmare’ Vulnerability

When it comes to security threats, ‘we are definitely seeing a greater need and greater challenge for customers,’ said Brian Glahn, CEO of Blue Bell, Pa.-based Microsoft partner Anexinet, in an interview.

Microsoft has unveiled more changes to default Point and Print driver installation and update behavior to combat a group of vulnerabilities dubbed “PrintNightmare,” according to an online post Tuesday from the Microsoft Security Response Center.

The Redmond, Wash.-based tech giant now requires administrator privileges to mitigate vulnerabilities in the Windows Print Spooler service. The change is part of security updates released on Tuesday.

“While not recommended,” customers can manually disable this mitigation with a registry key, according to the post.

[RELATED: Microsoft Patches ‘PrintNightmare’ Vulnerability In Windows, Urges Immediate Install]

“Disabling this mitigation will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service,” according to the post. “We recommend administrators assess their security needs before assuming this risk.”

The change “may impact” Windows print clients with non-elevated users who want to add or update unique printers, according to the post.

“However, we strongly believe that the security risk justifies this change,” according to Microsoft.

Microsoft previously released security updates in July to address the vulnerability. The vulnerability was found in how print spooler improperly performs privileged file operations, according to a Microsoft post from the time. An attacker could use the vulnerability to install programs, change data and create new accounts with full user rights, among other actions.

Multiple print spooler vulnerabilities have been identified over the years.

Anexinet, a Blue Bell, Pa.-based Microsoft Gold partner and No. 213 on CRN’s Solution Provider 500 for 2021, said that modern security threats have led to more investment in the practice for MSPs, CEO Brian Glahn told CRN in an interview. Microsoft is a leader in the security space, Glahn said.

When it comes to security threats, “we are definitely seeing a greater need and greater challenge for customers,” Glahn said. “As we leverage the security technologies in this space, I think Microsoft is an important partner for us, as well as many others.”

The past year, in particular, has seen Microsoft get far more vocal and aggressive around the need for increasing security, including an emphasis on urging businesses to shift to the cloud from on-premises infrastructure.

The Redmond, Wash.-based tech giant has also acquired multiple cybersecurity companies in 2021 so far, including privileged access startup CloudKnox Security.

And during the company’s latest earnings call in July, CEO Satya Nadella said Microsoft is seeing “accelerated demand” for its “end-to-end” cybersecurity solutions.