Posted on 07/01/2021 7:55:16 AM PDT by dayglored
[Dayglored Note: This is primarily for Windows Administrators, but is of potential concern to ALL Windows users.]
Also see:
Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller
PrintNightmare: Windows Zero-Day Accidentally Disclosed by Chinese Researchers
Public Windows PrintNightmare 0-day exploit allows domain takeover
The CERT Coordination Center (CERT/CC) has released a VulNote for a critical remote code execution vulnerability in the Windows Print spooler service, noting: “while Microsoft has released an update for CVE-2021-1675, it is important to realize that this update does not address the public exploits that also identify as CVE-2021-1675.” An attacker can exploit this vulnerability—nicknamed PrintNightmare—to take control of an affected system.
CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. Additionally, administrators should employ the following best practice from Microsoft’s how-to guides, published January 11, 2021: “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object.”
Just Wonderful!
Norton 360 Premium Utilities, MalwareBytes Premium and CCleaner Pro keep my 2 HP industrial machines running as well as they did when I got them in 2009.
I’ve got Norton 360, but I haven’t bought the utilities. I’ll upgrade my sub this year when it renews, especially since our machines are getting older.
Not really, since most businesses are not using their domain controller as a print server, so disabling the spooler service on the DC doesn’t affect printing at all for the rest of the domain.
Yes, and it’s enabled by default. You can run “services.msc” from the “Run” section of the Start Menu to see what services are running, then change the “Start Up Type” to “Disabled” to turn it off.
You deserve an “attaboy” for that one!
It took me less than 60 seconds to add a service stop/disable GP preference that touches every system in my customer environment (>2K Windows systems). MS will fix the exploit.
Printing has ALWAYS been a black hole. I can’t tell you how many contracts I’ve turned down to do enterprise printing implementations. It’s the wild wild west, and even Microsoft’s print server solution is inadequate.
Yep. Of all the aspects of computing, printing problems have uniformly been the most horrific to work on. Even old tape drives aren't as bad as printing.
I am going to make you and others here aware of some information that I received from my computer shop. All that I know about this place is that it exists, I have NOT dealt with or even spoke to them, and I have not vetted them in any way. I had some work done at Altex, the shop where I bought my computer, and asked them if they sold used computers, and they referred me to a place called Discount Electronics, URL at the end of this post. With that being said, I think that they are some sort of defacto Dell Outlet facility, but I don’t know anything about that. They are located right down the road from the Dell Campus in Round Rock. They sell Dell computers, with Windows 10 OR Windows 7 Pro preinstalled. Prices seem great.
The URL is https://discountelectronics.com/used-computers/
It’s truly worth it, for older machines.
I'm right there with you.
As someone who still backs up some data to 500 GB tape, I agree with you 100%. We have a single B&W laser printer for the house, and I refuse to manage it with my in-house domain lab.
We had a printer recently that would not stop printing a huge document, lol, and was in a constant state of spooling. It was a nightmare!
a workaround fix can be applied by disabling the printer spooler service. Here's how to do it on both GPO and PowerShell. https://github.com/LaresLLC/CVE-2021-1675
Or the cost to rip and replace 10, 12, 15 years of hardware “that still works”...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.