Print Nightmare Patch
Microsoft released an update for Windows (KB5005565 , KB5005566, and KB5005652) that is causing quite some problems with Printers and networking. There have been reports that I’ve seen of this affecting business and all around. I’ve seen this in my Job also, Drivers not installing and Windows updates not installing because the drivers isn’t being able to be installed. Paper sizes and even POS printers not printing due to the Printer spooler being patched by Microsoft. Bleeping Computers even says that it broke the point to a network printer and is causing issues with people being able to print on the network.
Significant problems
Even I’ve seen the problems that came along with the new update. The real problem is how to protect the business who need to use their network for business purposes. What are some ways to do it and keep the business safe? These are all the questions that need to be answered but as of yet no one knows what the really way to patch the problem associated with the Print Spooler and Print Network.
IT admins have said as much as uninstalling the update resolves most if not all the printer issues they’ve seen the last week or two but that isn’t really suggested by Microsoft due to the Print Nightmare issues and ransomware issues that might arise from it. All I know is IT admins are left on the side of the road as to how to fix the issue without the patch or if there will be a hotfix now the road to fix the September update. Either way there isn’t much we can do but wait and see.
Possible ways to Mitigate this issue:
Change your Group Policy Object (GPO) in Active Directory on the target computers on the network to “RestrictDriverInstallationToAdministrators = 0” but than again we are just opening up that hole that Microsoft is trying to close.
Registry add:
reg add “HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint” /v RestrictDriverInstallationToAdministrators /t REG_DWORD /d 0 /f
Again this will only bypass what Microsoft is trying to close with the vulnerability in Windows point and print issue on the network. You should be able to start printing after you reboot. This however isn’t suggested by me or anyone who is looking to keep the printer from being used in a ransomware attack.
Installing V4 drivers instead of V3 Drivers will solve this issue also but some vendors don’t even have V4 drivers available to install as of yet. Until they make those drivers available, there isn’t really much we can do about it or even suggest to the business that are having difficulty with the printing issue at hand.
Resources: