fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

How to Mitigate Print Spooler Vulnerability on Windows 10

How to Mitigate Print Spooler Vulnerability on Windows 10

Yesterday, Microsoft released multiple Windows updates to fix the widely reported “PrintNightmare” vulnerability in the Windows Print Spooler service.

According to Microsoft, this vulnerability is impacting all Windows 10 versions, including the most recent May 2021 Update (version 21H1) and version 20H2 (October 2020 Update).

To deploy Microsoft’s patch, you need to check for updates under Updates & Security > Windows Update and apply the latest July update, and reboot the system when prompted.

Alternatively, you can install the emergency update manually from the Microsoft Update catalog if you are unable to do so via the normal Windows Update procedure.

However, researchers have revealed that Microsoft’s patch is incomplete and attackers can still abuse the vulnerability to gain access to the system. Thankfully, you can temporarily disable the Windows Print Spooler service to mitigate the vulnerability until a proper fix is released.

In this guide, we will highlight the steps to disable the Windows Print Spooler service and mitigate the PrintNightmare CVE-2021-34527 vulnerability.

Disable Print Spooler service on Windows 10 using PowerShell

To mitigate the PrintNightmare vulnerability using PowerShell, follow these steps:

  1. Right-click on the Start Menu or press Windows+X.
  2. Click “Windows PowerShell (Admin).”Open PowerShellOpen PowerShell
  3. Enter the following command to stop the Spooler service:
    Stop-Service -Name Spooler -ForceDisable Print SpoolerDisable Print Spooler
  4. Enter the following command to block Print service from starting again in future.
    Set-Service -Name Spooler -StartupType DisabledBlock Print Spooler serviceBlock Print Spooler service
  5. Close PowerShell window.

Also Read: The DNC Singapore: Looking at 2 Sides Better

If you want to re-enable the Print Spooler service, follow these steps

  1. Right-click on the Start Menu or press Windows+X.Open PowerShellOpen PowerShell
  2. Click “Windows PowerShell (Admin).”
  3. Enter the following command to enable the Spooler service:
    Set-Service -Name Spooler -StartupType AutomaticEnable Print SpoolerEnable Print Spooler
  4. Enter the following command to restart Print service:
    Start-Service -Name SpoolerStart Print SpoolerStart Print Spooler
  5. Close PowerShell window.

Disable Print Spooler service on Windows 10 using Group Policy editor

To mitigate the PrintNightmare vulnerability using Group Policy editor on Windows 10 Pro and Enterprise, follow these steps:

  1. Open Start Menu or Windows Search and enter gpedit.msc to open the Local Group Policy Editor.
  2. In Group Policy editor, navigate to the following path: Computer Configuration > Administrative Templates > Printers
  3. Double-tap the Allow Print Spooler to accept client connections policy.
  4. Select the Disabled option.
  5. Tap on the Apply button and select OK.

When the policy is disabled, Microsoft says the spooler will automatically reject the client connections and prevent users from sharing printers. However, all printers currently shared will continue to be shared.

The spooler must be restarted for changes to this policy to take effect. To restart the spooler service, follow these steps:

  1. Open Start menu.
  2. Type “Services” 
  3. Double-click “Printer Spooler” in the Services list.Restart SpoolerRestart Print Spooler service
  4. Click Restart.
  5. Click OK.

Also Read: 4 Best Practices On How To Use SkillsFuture Credit

If you want to re-enable Print Spooler using Group Policy editor, follow these steps:

  1. Open Start Menu and enter gpedit.msc to open the Local Group Policy Editor.
  2. In Group Policy editor, navigate to the following path: Computer Configuration > Administrative Templates > Printers
  3. Double-tap the Allow Print Spooler to accept client connections policy.
  4. Select the Not configured or Enabled option.
  5. Tap on the Apply button and select OK.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us