Starting with the July 2021 Out-of-band update, administrator credentials will be required to install signed and unsigned printer drivers on a printer server. Note Before installing the July 2021 Out-of-band and later Windows updates containing protections for CVE-2021-34527, the printer operators' security group could install both signed and unsigned printer drivers on a printer server. By default, only administrators can install both signed and unsigned printer drivers to a print server. After installing the July 2021 and later updates, non-administrators, including delegated admin groups like printer operators, cannot install signed and unsigned printer drivers to a print server. Security updates released on and after Jcontain protections for a remote code execution vulnerability in the Windows Print Spooler service ( spoolsv.exe) known as “PrintNightmare”, documented in CVE-2021-34527.
KB5005010: Restricting installation of new printer drivers after applying the Jupdates Summary
0 kommentar(er)
