This new micropatch should fix Windows PrintNightmare issues once and for all

Meanwhile, there’s no official fix for the new exploit from Microsoft

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The long continuing saga of thePrintNightmare vulnerabilitiescould finally be coming to an end with the release of an unofficial patch.

WhileMicrosoftdidissue a new patchto address the remote code exploitation (RCE) vulnerability,cybersecurityresearchersdismissed itas ineffective.

To address the concerns, Mitja Kolsek, co-founder of the 0patch micropatching service, hasreleased a free micropatchthat can finally put an end to the PrintNightmare saga.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

PrintNightmare came to light when it wasdisclosed accidentallyby Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched by Microsoft.

Can of worms

Earlier this week, Benjamin Delpy, creator of popular post exploitation tool Mimikatz, has found a way toexploit the vulnerabilityin the Windows Print Spooler to enable any user to gain admin privileges on a vulnerable computer.

Breaking down Delpy’s exploit, Kolsek explains that although Windows asks all printer driver packages installed via Point and Print to be signed by a trusted source since 2016, Delpy found a way to include malicious executables outside of the signed package, which would then be run by the Print Spooler service.

Kolsek says this isn’t a trivial issue to fix, since adding signature requirements to queue-specific files is a code-intensive exercise.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“We therefore decided to implement the group policy-based workaround as a micropatch, blocking Point and Print printer driver installation from untrusted servers,” writes Kolsek while putting out his free patch that works on all active Windows releases, namely Windows Server 2008 R2 and above, as well asWindows 7and above.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well