Earlier last week, Microsoft acknowledged that it was investigating a critical vulnerability in Windows 10 that when exploited could let attackers run arbitrary code on the victim’s system. The vulnerability, tracked under CVE-2021-34527, is present in the Windows Print Spooler service and is termed print "PrintNightmare" that can allow for remote code execution (RCE). As the vulnerability was still being investigated, the Redmond firm listed two possible workarounds to mitigate the risks caused by the bug.

 

Today, the firm has provided an update in the Microsoft Security Response Center (MSRC) listing for the vulnerability noting that it is rolling out a patch for the latest Windows 10 versions to address the issue. The update, KB5004945, is currently rolling out to the three most recent Windows 10 versions, 2004, 20H2, and 21H1, bumping them to Windows 10 builds 19041.1083, 19042.1083, and 19043.1083, respectively. Since these versions are based on the same codebase, the updates are identical for all the versions. The changelog and documentation for the update are yet to go live.

Considering that these are security updates to fix a critical vulnerability, they are mandatory updates and are downloaded automatically through Windows Update. Users can also manually download the patch from the Update Catalog here. Future patches, such as the upcoming Patch Tuesday updates, will contain these fixes.

 

There is no word from the firm on how the vulnerability affects older versions of the OS, though it notes that it has completed the investigation of the issue. The updates today are only rolling out to the three most recent and fully supported Windows 10 versions, but it will not be surprising to see a patch being made available for older versions still being supported for Enterprise and Education customers sooner, as the firm notes that supported Windows versions that do not receive an update today will get one "shortly after July 6".

 

For those unaware, the PrintNightmare vulnerability is caused by the Print Spooler service not restricting access to a function that is used to install printer drivers remotely. An attacker that gains unrestricted access can execute arbitrary code with SYSTEM privileges, examples of which are already available on the web. Considering the severity of the vulnerability, it is best for all users to update to the latest build as soon as possible.

 

Update: The patches are available for most supported Windows 10, Windows 8.1, and Windows 7 (ESU users). You can either update via Windows Update, or head to the MSRC document to find links to the requisite Update Catalog pages. The company has also provided the KB article links, but as is the case these days, those pages are yet to be updated. Windows 10 version 1607, Windows Server 2012, and Windows Server 2016 are yet to receive updates.

 

Here is the complete list of links posted by the firm:

Product	Severity	Article	Download
Windows Server 2012 R2 (Server Core installation)	Critical	5004954	Monthly Rollup
Windows Server 2012 R2 (Server Core installation)	Critical	5004958	Security Only
Windows Server 2012 R2	Critical	5004954	Monthly Rollup
Windows Server 2012 R2	Critical	5004958	Security Only
Windows Server 2012 (Server Core installation)	Critical
Windows Server 2012	Critical
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	Critical	5004953	Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)	Critical	5004951	Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1	Critical	5004953	Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1	Critical	5004951	Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	Critical	5004955	Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)	Critical	5004959	Security Only
Windows Server 2008 for x64-based Systems Service Pack 2	Critical	5004955	Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2	Critical	5004959	Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	Critical	5004955	Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)	Critical	5004959	Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2	Critical	5004955	Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2	Critical	5004959	Security Only
Windows 8.1 for x64-based systems	Critical	5004954	Monthly Rollup
Windows 8.1 for x64-based systems	Critical	5004958	Security Only
Windows 8.1 for 32-bit systems	Critical	5004954	Monthly Rollup
Windows 8.1 for 32-bit systems	Critical	5004958	Security Only
Windows 7 for x64-based Systems Service Pack 1	Critical	5004953	Monthly Rollup
Windows 7 for x64-based Systems Service Pack 1	Critical	5004951	Security Only
Windows 7 for 32-bit Systems Service Pack 1	Critical	5004953	Monthly Rollup
Windows 7 for 32-bit Systems Service Pack 1	Critical	5004951	Security Only
Windows Server 2016 (Server Core installation)	Critical
Windows Server 2016	Critical
Windows 10 Version 1607 for x64-based Systems	Critical
Windows 10 Version 1607 for 32-bit Systems	Critical
Windows 10 for x64-based Systems	Critical	5004950	Security Update
Windows 10 for 32-bit Systems	Critical	5004950	Security Update
Windows Server, version 20H2 (Server Core Installation)	Critical	5004945	Security Update
Windows 10 Version 20H2 for ARM64-based Systems	Critical	5004945	Security Update
Windows 10 Version 20H2 for 32-bit Systems	Critical	5004945	Security Update
Windows 10 Version 20H2 for x64-based Systems	Critical	5004945	Security Update
Windows Server, version 2004 (Server Core installation)	Critical	5004945	Security Update
Windows 10 Version 2004 for x64-based Systems	Critical	5004945	Security Update
Windows 10 Version 2004 for ARM64-based Systems	Critical	5004945	Security Update
Windows 10 Version 2004 for 32-bit Systems	Critical	5004945	Security Update
Windows 10 Version 21H1 for 32-bit Systems	Critical	5004945	Security Update
Windows 10 Version 21H1 for ARM64-based Systems	Critical	5004945	Security Update
Windows 10 Version 21H1 for x64-based Systems	Critical	5004945	Security Update
Windows 10 Version 1909 for ARM64-based Systems	Critical	5004946	Security Update
Windows 10 Version 1909 for x64-based Systems	Critical	5004946	Security Update
Windows 10 Version 1909 for 32-bit Systems	Critical	5004946	Security Update
Windows Server 2019 (Server Core installation)	Critical	5004947	Security Update
Windows Server 2019	Critical	5004947	Security Update
Windows 10 Version 1809 for ARM64-based Systems	Critical	5004947	Security Update
Windows 10 Version 1809 for x64-based Systems	Critical	5004947	Security Update
Windows 10 Version 1809 for 32-bit Systems	Critical	5004947	Security Update

 

Update 2: The KB articles are now live for those interested in reading through the changelog. For Windows 10, the changelog is mostly similar across versions. Here is how the firm details the update:

Addresses a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare”, as documented in CVE-2021-34527. After installing this and later Windows updates, users who are not administrators can only install signed print drivers to a print server. By default, administrators can install signed and unsigned printer drivers to a print server. The installed root certificates in the system’s Trusted Root Certification Authorities trusts signed drivers. Microsoft recommends that you immediately install this update on all supported Windows client and server operating system, starting with devices that currently host the print server role. You also have the option to configure the RestrictDriverInstallationToAdministrators registry setting to prevent non-administrators from installing signed printer drivers on a print server. For more information, see KB5005010.