Out-Of-Band Security Update For Windows Print Spooler Remote Code Execution Vulnerability

[Corrine]

Microsoft released an out-of-band update to address CVE-2021-34527, Windows Print Spooler Remote Code Execution Vulnerability for Windows 10 Versions 21H1, 20H2, 2004, 1909, 1809, 1803, 1507, and Windows 8.1

Although at the time of this posting, the KB Articles are not accessible yet, the Windows versions and assigned KB Articles are as follows:

• Windows 10, Version 21H1, 20H2, 2004: KB5004945
• Windows 10, version 1909:  KB5004946
• Windows 10, version 1809:  KB5004947
• Windows 10, version 1803:  KB5004949
• Windows 10, version 1507:  KB5004950
• Windows 8.1: 

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package, go to the Microsoft Update Catalog website.

Update history for Windows 10

[Corrine]

MSRC information at Clarified Guidance for CVE-2021-34527 Windows Print Spooler Vulnerability:
 

Quote

On Tuesday July 6, 2021, Microsoft issued CVE-2021-34527 regarding a Windows Print Spooler vulnerability. Updates were released on July 6 and 7 which addressed the vulnerability for all supported Windows versions. We encourage customers to update as soon as possible.

CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability.

Following the out of band release (OOB) we investigated claims regarding the effectiveness of the security update and questions around the suggested mitigations.

Our investigation has shown that the OOB security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare. All reports we have investigated have relied on the changing of default registry setting related to Point and Print to an insecure configuration.

 

Additional information is in the referenced blog post.