Share this article
Improve this guide
How to download KB5004945 and fix the PrintNightmare vulnerability
4 min. read
Updated onOctober 4, 2023
updated onOctober 4, 2023
Share this article
Improve this guide
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Key notes
The Redmond-based tech company has released acritical emergency patchto fix a problem with the Windows Print Spooler service.
This vulnerability in question is known as PrintNightmare and it was under constant exploit from malicious entities.
When exploited, it allowed attackers to install software; view, alter, delete data; or even create new accounts with full user rights. However, user reports are indicating that the patch doesn’t really fix the entire issue.
KB5004945is a new security update that has been released for any Windows version newer than v2004.
Users who have Windows 10 version 1909 will first get theKB5004946patch, and then the PrintNightmare patch will also be installed.
The patch is available for multiple Windows versions
The above-mentioned security patch is now available for quite a few versions of Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2021 R2, Windows Server 2008, and Windows RT 8.1.
If you are a Windows 7 user, this patch is also available for you, even though the operating system is out of support.
The only OS versions for which this patch is currently unavailable are Windows 10 version 1607, Windows Server 2016, and Windows Server 2012, but Microsoft stated that they are working on it.
This whole situation seems to be pretty serious, considering that the software is also addressed to Windows 7, this fact being an indicator of the severity of the problem.
Even more, knowing the Windows 7 OS has been out of support ever since January 14, 2020.
Information about this also circulated on social media, where security researchers said that Microsoft’s patch only addresses one element of the vulnerability.
The Microsoft fix released for recent#PrintNightmarevulnerability addresses the remote vector – however the LPE variations still function. These work out of the box on Windows 7, 8, 8.1, 2008 and 2012 but require Point&Print configured for Windows 2016,2019,10 & 11(?). ?♂️https://t.co/PRO3p99CFo
What’s disconcerting is that malicious third parties can still target these vulnerabilities. Word on the internet is that there are ways for people to completely bypass Microsoft’s patch and target vulnerable systems.
This is achieved via remote code execution in addition to the previous local privilege execution.
Dealing with strings & filenames is hard?New function in#mimikatz?to normalize filenames (bypassing checks by using UNC instead of \servershare format)So a RCE (and LPE) with#printnightmareon a fully patched server, with Point & Print enabled>https://t.co/Wzb5GAfWfdpic.twitter.com/HTDf004N7r
As you can see, Microsoft is taking this threat very seriously, so we think that you should too.
Update to Windows 10 Version 20H2 &21H1
1. Open Windows Update
2. Perform the update
How can I fix the Print Spooler PrintNightmare without updating?
Even though it is not recommended that you follow this path, it might be useful in the case of some users, so here are the required steps to successfully stop the Print Spooler service:
Performing these steps will ensure that Windows will firstly disable the corrupted service, and the second command will stop it from running at the startup of your system.
If for any reason, you will want to revert these changes at some point, you can run the following commands:
Microsoft now urges users to install this security update and make the best efforts to keep their private content inaccessible to external sources.
Online safety should be one of the first things on our minds, seeing how these threats can greatly impact individuals and companies alike.
What extra security measures are you taking, to protect your data? Let us know in the comments section below.
More about the topics:microsoft,security,windows 10 updates
Vladimir Popescu
Being an artist his entire life while also playing handball at a professional level, Vladimir has also developed a passion for all things computer-related.
With an innate fascination for research and analysis, and realizing many other people share his passion for this subject, he delved into writing Windows-related articles, so other people can also benefit from the acquired information.
When not writing kick-ass articles, Vladimir likes to spend his time doing Crossfit and creating art.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Vladimir Popescu
