You may have heard of CVE-2021-34527, or as it is also known, PrintNightmare. It is a zero-day vulnerability impacting the Windows print spooler. A vulnerability that could lead to an attacker taking remote control of an affected system.
Currently, Microsoft aims to close this security loophole on its next patch day, July 13. Until then, however, we recommend that ezeep customers take the following measures to ensure they can continue to print securely:
- Via a group policy, deactivate the setting Allow Print Spooler to Accept Client Connections.
- Until Microsoft releases an update, Map Additional Printers, as well as Windows Printer Mapping, should not be used.
We recommend against deactivating the Print Service Spooler. This would mean that the use of ezeep may no longer be possible.
July 9 Update:
Installation of patch causes problems on Zebra printers.
Apparently the installation of the security patch released by Microsoft (see July 7 Update below) causes Zebra printers and possibly other label printers to stop printing.
Microsoft and Zebra are already working on a fix, which is expected to be available in 1-2 days. If Zebra printers are in use, we strongly advise against installing the July 6 Microsoft patch.
July 7 Update:
Microsoft has now released an update which resolves the remote code issue:
“Updates a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare”, as documented in CVE-2021-34527.”
For more details, visit the Microsoft support page.
We hope this information is of assistance to you, and now that the Microsoft update is released, things should be back to normal. Should you have any further questions, feel free to contact us via our support channels.