Microsoft this week released a patch to fix the last vestiges of a remote code execution vulnerability called PrintNightmare (CVE-2021-34527), but while the vulnerability now seems fixed, BleepingComputer reports that the patch seems to have broken network printing altogether.
The PrintNightmare bug is a vulnerability that allows attackers to execute malicious code on users' systems without having physical access to them. This is, of course, one of the worst possible exploits users can face. Microsoft's been fighting this security issue since July, but prior to this week's patch, a hole for hackers still existed within remote printing server access.
The bug took advantage of the Windows Print Spooler service improperly performing privileged file operations. An attacker who had successfully exploited this vulnerability could run malicious code with SYSTEM-level (admin-level) privileges without getting caught in the act.
While Microsoft's Tuesday Security patch seems to have stomped out the bug entirely, the update process didn't exactly go smoothly. According to the BleepingComputer report, various users of Microsoft's Network Printing functionality have reported that the latest patch is also breaking network printing entirely.
What makes the problem worse is that Windows is reporting different types of errors to each user, making it a bit harder to see what's going on. BleepingComputer said that one source is seeing a 4098 Warning in the application event logs, while another said that their printer port tabs were all blank. One source couldn't even get access to their network printers at all, seeing "access denied" errors instead.
It is important to note that this issue does not appear on printers attached using a USB connector cable. However, network printers from HP, Canon and Konica Minolta have all been reported to be having issues, with other network printers presumably being affected as well. Further, label printers are also affected.
We are sure that Microsoft is aware of the issue and that the company is working hard to iron out these new, less security-focused bugs. PrintNightmare has been a summer long ordeal so far, and unfortunately, it seems like we haven't quite left it behind yet.
