Learn How to Fix Zero Day PrintNightmare Update issue. Microsoft has recently released an Out-of-band patch KB5004945 to fix the PrintNightmare Vulnerability on the Print Spooler service for Windows 10 and earlier versions of the OS but soon after the release, a group of users has been reporting that the fix has been causing some unexpected issues with some printers.
PrintNightmare bug (CVE-2021-34527) can be used by an attacker to perform any task like Modifying Data, Installing Programs, etc. on the system with elevated privileges. Hence Microsoft has recommended all its users disable the Print Spooler until the patches are applied.
Microsoft has acknowledged the issue and stated that it’s working on releasing a fix in the next 1-2 days. While Initially the issue was reported only Zebra Made Printers later on same issues were reported on other printers too. So, In this blog post, we will take a look at the ways to mitigate the issue caused by this update.
Known Issues
Below were the statements made by Software Giant Microsoft and the Printer Maker Zebra after the issue surfaced. Let’s learn about Fix Zero Day PrintNightmare fixes in the below sections.
“After installing this update, you might have issues printing to certain printers. Most affected printers are receipt or label printers that connect via USB. Note This issue is not related to CVE-2021-34527 or CVE-2021-1675.
This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices.
Restarting your Windows device might help the resolution apply to your device faster. For enterprise-managed devices that have installed an affected update and encountered this issue, it can be resolved by installing and configuring a special Group Policy,”
Statement by Microsoft on the Printer Issue
“We are aware of issues affecting multiple brands of printers when printing from PCs that have been recently updated via the Windows Update Service (KB5004945, KB5004760, or KB5003690). The most common symptom is print jobs being sent, but not actually printing.
This issue is observed after users install the Windows 10 out-of-band security update KB5004945 (or previous updates, KB5004760 and KB5003690). The KB5004945 security update addresses a remote code execution exploit in the Windows Print Spooler service, known as ‘PrintNightmare.”
Statement by Printer Maker Zebra
How to Fix Zero Day PrintNightmare
Uninstalling the Update
Let’s start with the easiest way to Fix Zero Day PrintNightmare issue. To uninstall the cumulative update KB5004945 to fix printer problems, use these steps below:
- Click Start
- Open Settings.
- Click on Update & Security.
- Click on Windows Update.
- Click on View update history
- Click Uninstall updates
- Select Security Update for Microsoft Windows (KB5004945).
- Click Uninstall
- Click Yes.
- Click Restart now.
NOTE! Learn more about Zero Day Out of band patch and how to fix Print Spooler Vulnerability.
Registry Fix
You Should Consider making changes to the below DWORD registry keys to make sure the PrintNightmare Patchworks effectively. Please note if you don’t have these registry entries then you are secured from the PrintNightmare Vulnerability. Please follow the steps mentioned below to make the changes.
- NoWarningNoElevationOnInstall
- UpdatePromptSettings
- Click Start.
- Type regedit and press enter to open the Registry Editor.
- Navigate to the path
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint - Double-click the NoWarningNoElevationOnInstall DWORD key and set its value to 0.
- Click the OK button.
- Double-click the UpdatePromptSettings DWORD key and set its value to 0.
- Click the OK button.
Group Policy Object (GPO)
Please note these settings needs to be changed only if Point and Print Restrictions Group Policy is configured in your environment. If the policy is set to Not Configured you can ignore these steps.
- Click Start.
- Type gpedit.msc and press Enter to open the Group Policy Editor.
- Navigate to the path :
Computer Configuration > Administrative Templates > Printers - Double-click the Point and Print Restrictions to open the policy
- Select option Enabled.
- Select Show warning and elevation prompt option for “When installing drivers for a new connection” setting under Options
- Select the Show warning and elevation prompt option for “When updating drivers for an existing connection” setting under options.
- Click the Apply button.
- Click the OK button.
Resources
The Windows update to fix ‘PrintNightmare’ made some printers stop working