Zero-day Windows patch to fix critical ‘PrintNightmare’


WGH

Keep an eye out for Microsoft Windows patch July 6, 2021—KB5004945, this is a critical out-of-band patch to fix a Windows Print Spooler service zero-day vulnerability going back to Windows 7.

"According to Microsoft, which released “PrintNightmare” mitigation strategies yesterday (July 1), attackers could use the vulnerability to gain system-level access and remotely install programs on your PC, modify or delete data, or create new accounts with full user rights. Such techniques could be used for ransomware attacks, for example."
https://www.tomsguide.com/news/windows-hit-by-printnightmare-exploit-what-you-need-to-know

My computer was updated last night, so Microsoft is pushing the patch out super fast. If you have turned off Automatic Updates, now is the time to get current.
Even though Windows 7 support ended over a year ago on Jan. 14, 2020 with no more updates (security, software, tech support), Microsoft thinks the PrintNightmare vulnerability is so important that Windows 7 gets this patch too. Check your Automatic Updates.

More info:
Windows Print Spooler Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

July 6, 2021—KB5004945
https://support.microsoft.com/en-us/topic/july-6-2021-kb5004945-os-builds-19041-1083-19042-1083-and-19043-1083-out-of-band-44b34928-0a71-4473-aa22-ecf3b83eed0e

Microsoft issues emergency Windows patch to fix critical ‘PrintNightmare’ vulnerability - Microsoft is even patching Windows 7
https://www.theverge.com/2021/7/6/22565868/microsoft-printnightmare-windows-print-spooler-service-emergency-patch-hotfix

For System Admins - Microsoft's incomplete PrintNightmare patch fails to fix vulnerability
https://www.bleepingcomputer.com/news/microsoft/microsofts-incomplete-printnightmare-patch-fails-to-fix-vulnerability/

FullRangeMan

  • Volunteer
  • Posts: 20010
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #1 on: 7 Jul 2021, 10:51 pm »
I am missing W7; W10 has become too big.

ArthurDent

  • Full Member
  • Posts: 15426
  • Don't Panic / Mostly Harmless
Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #2 on: 7 Jul 2021, 10:57 pm »
Thanks for the 'heads up' sir. Just checked and doesn't appear to be available yet for Win7. Will keep an eye out. I have still been getting the Malicious Software Updates for Win7. Tied to it for some work software until I 'fully' retire.

FullRangeMan

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #3 on: 8 Jul 2021, 06:51 am »
The problem involves the printer program which would allow control of the computer through the printing system used in workplaces with network printers.
As I have no printer, I am safe?

WGH

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #4 on: 8 Jul 2021, 03:58 pm »
As I have no printer, I am safe?

You misunderstand the vulnerability. The Print Spooler is on all computers, not only networked computers, so all computers are affected. Why not apply the patch and be sure?
Does the Print Spooler service run by default, even with no printer attached? Don't know, I always had a printer attached.

Type msconfig in search box, click on Services, scroll down to Print Spooler to see if it is running.
https://www.thewindowsclub.com/enable-or-disable-print-spooler-service



You will probably need to go to Computer Management --> Services to change what it does. Type in services.msc in the search box



And because Windows 10 has a multitude of ways to do the same thing depending on your configuration, you have many more ways to screw up your computer:

How to mitigate Print Spooler vulnerability on Windows 10
https://www.bleepingcomputer.com/news/microsoft/how-to-mitigate-print-spooler-vulnerability-on-windows-10/

How to enable or disable Print Spooler Service on Windows 10
https://www.thewindowsclub.com/enable-or-disable-print-spooler-service

The US Government Cybersecurity & Infrastructure Security Agency has a July 2, 2021 update:
PrintNightmare, Critical Windows Print Spooler Vulnerability
https://us-cert.cisa.gov/ncas/current-activity/2021/06/30/printnightmare-critical-windows-print-spooler-vulnerability

"CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. Additionally, administrators should employ the following best practice from Microsoft’s how-to guides, published January 11, 2021: “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object.”"

Or you can apply the patch.
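
The check-and-disable steps from the post above, as an added PowerShell example that is not part of the original post. The function name and its `-Disable` switch are assumptions; it needs an elevated prompt, and `Get-Printer` is assumed to be available (Windows 8 / Server 2012 and later).

```powershell
# Added example: report Print Spooler state on this machine and optionally disable it.
function Test-SpoolerExposure {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # KB named in this thread (Windows 10 builds 19041/19042/19043); pass the KB for other builds.
        [string]$PatchId = 'KB5004945',
        [switch]$Disable
    )

    # "Spooler" is the service name behind the "Print Spooler" display name.
    $svc  = Get-Service -Name Spooler
    $mode = (Get-CimInstance Win32_Service -Filter "Name='Spooler'").StartMode

    # Later cumulative updates replace this KB, so "not listed" is not proof of "unpatched".
    $patched = [bool](Get-HotFix -Id $PatchId -ErrorAction SilentlyContinue)

    # Software-only print targets do not count as "this system prints".
    $virtual  = 'Microsoft Print to PDF', 'Microsoft XPS Document Writer', 'Fax'
    $printers = @()
    if ($svc.Status -eq 'Running') {
        # Get-Printer only answers while the spooler is running.
        $printers = @(Get-Printer -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -notin $virtual -and $_.Name -notlike 'OneNote*' })
    }

    if ($Disable -and $PSCmdlet.ShouldProcess('Spooler', 'Stop and disable')) {
        Stop-Service -Name Spooler -Force
        Set-Service  -Name Spooler -StartupType Disabled   # survives a reboot
        $svc  = Get-Service -Name Spooler
        $mode = 'Disabled'
    }

    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        SpoolerStatus = $svc.Status
        StartMode     = $mode
        PatchListed   = $patched
        RealPrinters  = $printers.Name -join ', '
    }
}

Test-SpoolerExposure                      # report only
# Test-SpoolerExposure -Disable -WhatIf   # preview; drop -WhatIf to apply
```

Printing stops working while the service is disabled; `Set-Service -Name Spooler -StartupType Automatic` followed by `Start-Service -Name Spooler` reverses it.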



HAL

  • Industry Contributor
  • Posts: 5222
Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #5 on: 8 Jul 2021, 04:21 pm »
Yep, the update for Win10 was waiting to be installed. 

Thanks for the heads-up.

newzooreview

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #6 on: 8 Jul 2021, 07:09 pm »
Yep, the update for Win10 was waiting to be installed.

The patch just issued by Microsoft does not fix the problem, apparently.

"An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice,…"

https://arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/

Turning off the service manually, as described above, worked for me and persisted through a reboot of Windows.

FullRangeMan

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #7 on: 8 Jul 2021, 07:25 pm »
The patch just issued by Microsoft does not fix the problem, apparently.

"An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice,…"

https://arstechnica.com/gadgets/2021/07/microsofts-emergency-patch-fails-to-fix-critical-printnightmare-vulnerability/

Turning off the service manually, as described above, worked for me and persisted through a reboot of Windows.
They usually do this procedure; it's clear that the fix patch does something else.

SteveFord

  • Volunteer
  • Posts: 6391
  • The poodle bites, the poodle chews it.
Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #8 on: 8 Jul 2021, 07:43 pm »
Windows users should install both the patch from June and Tuesday and await further instructions from Microsoft.

 I expect that instructions will be delivered via the microchip that was injected into me this past January so I will stand by.

FullRangeMan

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #9 on: 8 Jul 2021, 10:54 pm »
You misunderstand the vulnerability. The Print Spooler is on all computers, not only networked computers, so all computers are affected. Why not apply the patch and be sure?
Does the Print Spooler service run by default, even with no printer attached? Don't know, I always had a printer attached.

Type msconfig in search box, click on Services, scroll down to Print Spooler to see if it is running.
https://www.thewindowsclub.com/enable-or-disable-print-spooler-service



You will probably need to go to Computer Management --> Services to change what it does. Type in services.msc in the search box



And because Windows 10 has a multitude of ways to do the same thing depending on your configuration, you have many more ways to screw up your computer:

How to mitigate Print Spooler vulnerability on Windows 10
https://www.bleepingcomputer.com/news/microsoft/how-to-mitigate-print-spooler-vulnerability-on-windows-10/

How to enable or disable Print Spooler Service on Windows 10
https://www.thewindowsclub.com/enable-or-disable-print-spooler-service

The US Government Cybersecurity & Infrastructure Security Agency has a July 2, 2021 update:
PrintNightmare, Critical Windows Print Spooler Vulnerability
https://us-cert.cisa.gov/ncas/current-activity/2021/06/30/printnightmare-critical-windows-print-spooler-vulnerability

"CISA encourages administrators to disable the Windows Print spooler service in Domain Controllers and systems that do not print. Additionally, administrators should employ the following best practice from Microsoft’s how-to guides, published January 11, 2021: “Due to the possibility for exposure, domain controllers and Active Directory admin systems need to have the Print spooler service disabled. The recommended way to do this is using a Group Policy Object.”"

Or you can apply the patch.
Thanks, I already suspected it, just wanted a second opinion. I will see it.
There are other services that are likely to be disabled if not used, such as Fax, Phone Service or the various Xbox ones, if you aren't a teenager.
« Last Edit: 8 Jul 2021, 11:56 pm by FullRangeMan »

andy_c

Re: Zero-day Windows patch to fix critical ‘PrintNightmare’
« Reply #10 on: 10 Jul 2021, 04:57 am »
I found this article about the vulnerability and the latest MS recommendation: Clarified Guidance CVE-2021-34527 Windows Print Spooler Vulnerability.

The instructions assume that you installed the security updates from July 6. They tell you to look for a certain set of registry keys, and if they are either not present or set to zero, there is no vulnerability - provided the July 6 updates have been installed.