Windows 10 update toughens security around Point and Print

It can still be overridden by a registry tweak

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas fine tuned the defaultprinterdriver installation and update behavior to mitigate vulnerabilities in theWindowsPrint Spooler service that came to the fore with thePrintNightmarevulnerability.

The security update is designed to change the default Windows behavior, which debuted with Windows 2000 to enable users to connect to a print server to download and install necessary printer drivers.

Known as Point and Print,cybersecurityresearchers recently demonstrated that the feature could be used to run a malicious print server and force Windows systems to download and install malicious drivers.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

“Our investigation into several vulnerabilities collectively referred to as “PrintNightmare” has determined that the default behavior of Point and Print does not provide customers with the level of security required to protect against potential attacks. Today, we are addressing this risk by changing the default Point and Print driver installation and update behavior to require administrator privileges,”sharedthe Microsoft Security Response Center (MSRC) team.

Fixing privileges

Following thedisclosure of the vulnerability, tracked as CVE-2021-34481, Microsoft’s initial attempts to fix it were “deemed incomplete.”

Acknowledging that the vulnerability takes advantage of what can be described as a design flaw, Microsoft has now tweaked the default behavior to prevent users without administrator privileges from adding or updating printers.

Microsoft says that the change in policy will impact use cases that relied on regular Windows users to add and modify printers. However, in light of the fact that this vulnerability can be exploited Microsoft stresses that the “security risk justifies this change” despite the inconvenience it may cause.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

That said, Microsoft has given users the option tomanually overridethe new security policy with a registry key.

ViaThe Record

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption

Samsung plans record-breaking 400-layer NAND chip that could be key to breaking 200TB barrier for ultra large capacity AI hyperscaler SSDs

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)