Patch Tuesday add printers as administrator only

Η Microsoft κυκλοφόρησε σήμερα μια ενημέρωση which changes the default behavior of the “Point and Print” feature to fix a serious security flaw that was disclosed last month.

Point and Print was first added to Windows 2000, and works by connecting a print server to download and install the necessary print drivers each time a user creates a connection to a remote printer without having the drivers.

Earlier this year, Jacob Baines, a reverse engineer at Dark Wolf Solutions, found that malicious users inside a company's network could abuse the ς Point and Print για να τρέξουν έναν κακόβουλο διακομιστή ς και να αναγκάσουν τα συστήματα των Windows να κάνουν λήψη και εγκατάσταση κακόβουλων drivers.

Δεδομένου ότι το Point and Print λειτουργούσε με προνόμια SYSTEM, η λειτουργία έδινε στους κακόβουλους χρήστες (πολύ εύκολα) το να αποκτήσουν προνόμια διαχειριστή σε οποιοδήποτε μεγάλο εταιρικό ή κυβερνητικό δίκτυο.

Microsoft initially tried to fix the issue that it documented as CVE-2021-34481 last month, but the were incomplete.

Σήμερα, η εταιρεία ακολούθησε μια άλλη προσέγγιση. Δεδομένου ότι το κενό ασφαλείας εκμεταλλεύεται ένα σχεδιαστικό ελάττωμα, η Microsoft επέλεξε να αλλάξει την προεπιλεγμένη συμπεριφορά της Point and Print.

While to date, any user could add a new printer to a Windows computer, Microsoft says that after Patch Tuesday, only administrators will be able to add or update a printer with drivers from a remote print server.


"This change will take effect with the installation of security updates released on August 10, 2021, for all supported versions of Windows," Microsoft said today.

"This change may affect Windows print clients in scenarios where underprivileged users could add or update printers. However, we firmly believe that the security risk justifies this change ", the company continues.

For companies and users who do not want to block printer installations within their networks, Microsoft a registry key was also released allowing the old behavior.

However, Microsoft warns of the dangers:

Disabling this update will expose your environment to publicly known vulnerabilities in Windows Print Spooler, and we encourage administrators to assess their security needs before taking on this responsibility. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Point and Print, windows, microsoft, iguru,

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).