Microsoft has released an emergency patch for the infamous PrintNightmare bug that was revealed in the Windows Print Spooler just over a week ago.
The bad news is that early reports suggest that the patch doesn’t protect against all aspects of the PrintNightmare bug, and that it may be possible to bypass the patch entirely, depending on the version of Windows involved and the Print Spooler configuration on the targeted computer.
This emergency patch should be installed immediately on all affected versions of Microsoft Windows.
Workaround
There is a workaround for any and all Windows systems:
- Turn off the Print Spooler
- Set it into Disabled mode so it can’t start up again, either by accident or by design.
No Print Spooler, no attack surface; no attack surface, no security hole; no security hole, no break-and-enter point.
Unfortunately, without the Print Spooler running, you can’t print, so anyone who needed a working printer somewhere on their network working was on the horns of a dilemma: leave the Spooler running only on carefully selected servers, and watch them really carefully; or continually re-enable/print/disable the Spooler every time output was required.