Microsoft fixes Print Spooler bugs with August Patch Tuesday rollout

2 years ago 320

The fix, though, means that lone administrators volition beryllium capable to instal people drivers connected Windows PCs.

Hacker bug for net protection. Computer information defense

Microsoft has yet patched the past successful a bid of information vulnerabilities successful its Windows Print Spooler work that could person allowed attackers to remotely power an affected strategy and instal malicious programs oregon make caller accounts. On Tuesday, the institution pushed retired its August Patch Tuesday lineup, which included a fix for the Print Spooler Remote Code Execution Vulnerability to code this circumstantial issue.

SEE: The 10 astir important cyberattacks of the decennary (free PDF) (TechRepublic)

This isn't the archetypal clip Microsoft has tried to squash persistent bugs related to the Windows Print Spooler service. In June, the institution pushed retired a fix to woody with 1 flaw.

Then successful aboriginal July, it rolled retired an exigency patch for different Print Spooler vulnerability dubbed PrintNightmare. Affecting each 40 versions of Windows, adjacent older and unsupported ones, this flaw acrophobic an contented with RpcAddPrinterDriverEx(), a relation that lets users instal oregon update a people driver.

Though the latest spot hopefully fixes these Print Spooler vulnerabilities for good, determination is 1 large downside. You present request head privileges to instal a people driver. That apt volition beryllium an contented astatine organizations wherever users are not fixed admin rights specifically for information reasons. Now, assistance table and IT unit volition person to measurement it anytime a caller operator for a web printer needs to beryllium installed.

"Windows updates released August 10, 2021 and aboriginal will, by default, necessitate administrative privilege to instal drivers," Microsoft said successful a new enactment document. "We made this alteration successful default behaviour to code the hazard successful each Windows devices, including devices that bash not usage Point and Print oregon people functionality."

Users volition nary longer beryllium capable to instal caller printers oregon update existing ones utilizing people drivers from a distant machine oregon server, Microsoft explained. A notice from the Microsoft Security Response Center delves further into this conundrum, asserting that the information hazard justifies this change. Customers tin disable this request through a Registry hack, but the MSRC folks said doing truthful would exposure you to known vulnerabilities successful the Windows Print Spooler service.

"The TLDR (Too Long Didn't Read) is that Microsoft was yet bushed of bugs like CVE-2021-3448 and moved to lone let administrators to instal people drivers," Jerry Gamblin, Kenna Security manager of information research, told TechRepublic. "It appears that Microsoft is admitting decision successful the quality to unafraid the people spool capable for non-admin users to power it, and this mode volition beryllium capable to autumn backmost connected 'you person to beryllium an administrator' connected aboriginal bugs, which volition marque them little impactful."

Beyond the Print Spooler fixes, the updates successful this month's Patch Tuesday code 51 antithetic vulnerabilities, which Gamblin referred to arsenic a "quiet" month. The lineup includes 17 Elevation of Privilege Vulnerabilities, 13 Remote Code Execution Vulnerabilities and 2 Denial of Service Vulnerabilities.

"CVE-2021-36948, an elevation of privilege vulnerability successful the Windows Update Medic Service, is being reported arsenic being exploited successful the chaotic by Microsoft," Gamblin said. "Still, we person seen nary grounds of it astatine Kenna Security astatine this time. All 3 zero-days this period are what I notation to arsenic 'BigFoot Zero-days' arsenic determination has been nary nationalist confirmation of them existing. Overall this period yet has nary surprises that should halt you from patching connected your mean spot cadence."