Microsoft says its PrintNightmare patches work, despite breaking some printers

security threat
(Image credit: Shutterstock.com)

Microsoft has clarified that its patch for the PrintNightmare vulnerability successfully addresses the bug, notwithstanding the fact that the patch is being rolled back as it causes an issue in some label printers.

PrintNightmare was accidentally disclosed by Chinese security researchers who put out a proof-of-concept exploit thinking the vulnerability in Windows Print Spooler had already been patched by Microsoft. The company then issued a new patch earlier this week to address the remote code exploitation (RCE) vulnerability as well, before cybersecurity researchers dismissed it as ineffective.

However, Microsoft now claims that its out-of-band (OOB) security update to patch the PrintNightmare vulnerability works as it is supposed to, instead finding fault with the methodology of the researchers.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

>> Click here to start the survey in a new window <<

"Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration," explains the Microsoft Security Response Center.

More printer woes

As Microsoft notes, the PrintNightmare fix rolled out through KB5004945 patch, could cause issues with certain label printers, most notably several models of Zebra label printers.

“We are aware of a printing issue caused by the July 6 Windows “KB5004945“ update affecting multiple brands of printers. Microsoft has investigated this issue and plans to release an update addressing the issue within the next 1–2 business days,” Zebra told The Verge.

However, Microsoft has clarified that the issues are not specifically caused by the PrintNightmare fix, but rather by some other changes in the cumulative update.

In any case, the software giant has now issued yet another emergency fix, via its Known Issue Rollback (KIR) feature to rollback the changes that impacted Zebra printers without removing the PrintNightmare patch.

TOPICS
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.