fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

New Windows 10 KB5006670 Update Breaks Network Printing

New Windows 10 KB5006670 Update Breaks Network Printing

Windows 10 users and administrators report widescale network printing issues after installing the KB5006670 cumulative update and other updates released this week.

On Tuesday, Microsoft released Windows updates to fix bugs and security vulnerabilities as part of the October 2021 Patch Tuesday.

These updates include KB5006674 for Windows 11, KB5006670 for Windows 10 2004, 20H1, and 21H1, KB5006667 for Windows 10 1909, and KB5006714 for Windows 8.

Also Read: Limiting Location Data Exposure: 8 Best Practices

Since installing the KB5006670 update, users are reporting that they cannot print to network print servers, with some users receiving 0x00000709 or ‘Element not found‘ errors when attempting to print.

In an eight-page forum topic at BleepingComputer, Windows administrators recounted their frustration with the printing bugs and came to the same conclusion — uninstalling this week’s updates resolves the problem.

Since July, Microsoft has been releasing a constant stream of security updates to fix the PrintNightmare vulnerabilities in the Windows Print Spooler.

As threat actors, including ransomware gangs, actively exploit these vulnerabilities, Microsoft has changed its Point and Print printing feature drastically. Unfortunately, while these changes fix the vulnerabilities, they also lead to problems printing to network print servers.

This week, Microsoft released further security updates for Windows printing vulnerabilities tracked as CVE-2021-41332 and CVE-2021-36970, likely causing the new network printing issues.

While most of the reported problems are related to Windows 10’s KB5006670 update, this is likely because it is the most widely used version of Windows at this time.

The same security fixes were also released for Windows 10 1909 and Windows 11 and will likely cause similar issues on those Windows versions.

How to fix KB5006670 network printing issues

When the September cumulative updates caused printing issues, it was possible to fix them by allowing non-Admins to install printer drivers or disabling the ‘RpcAuthnLevelPrivacyEnabled’ Registry value.

However, this Registry key is no longer working for the problems caused by the October updates, and users are required to fix it using other methods.

Also Read: 10 Practical Benefits of Managed IT Services

The BleepingComputer forum topic includes numerous suggestions from Windows admins on how to resolve the networking printing issues caused by the Windows 10 KB5006670 update. Unfortunately, as these suggestions either remove security updates or don’t always work, they are not ideal for resolving the issues.

What makes these printing issues so frustrating is Microsoft’s lack of clear guidance and the numerous changes that happen each month to the Windows printing feature.

As these changes all resolve different vulnerable aspects of the Windows Print Spooler, they create a mess of individual fixes that Windows admins need to figure out whether they will fix their printing problems.

BleepingComputer has reached out to Microsoft for official guidance on resolving all of these issues but has not heard back at this time.

Method 1: Uninstall the KB5006670 update

The most common suggestion is to simply uninstall the KB5006670 update, which can be done using the following command in an elevated command prompt:

wusa /uninstall /kb:5006670

However, uninstalling the update will remove the security fixes for 74 vulnerabilities, including one actively exploited, making this a dangerous method.

Method 2: Replace C:\Windows\System32\Win32spl.dll

Others have found that replacing the Win32spl.dll DLL file with the version from the September 2021 updates will fix the network printing problem.

“KB5006670 replaces C:\Windows\System32\Win32spl.dll with version 10.0.19041.1288 which halts printing

We replace this dll with version 10.0.19041.1237 that was installed September’s Cumulative update

The attached batch script will copy your “good” dll file to each computer this runs on from a server location and rename the “bad” dll. I run it as a startup script for ease”

As this DLL was likely changed as part of a security update, this too will cause your computer to become less protected from possible future vulnerability exploits.

Method 3: Recreating printer queues on print servers

Some users have also reported that removing and reinstalling their printers on the print server resolved their problem.

When you remove the printer and install it again as an admin, the queues will be rebuilt, potentially allowing printing to work again.

However, workstations may need to be reconfigured to use the new printer queue, which may be a very time-consuming task for some organizations.

Method 4: Enable CopyFiles feature again

Finally, some HP printer drivers require the CopyFiles feature, which Microsoft disabled in September by default.

For users who still need this feature, Microsoft introduced a hidden Group Policy that allows you to enable it again.

To enable the CopyFiles feature, create a Windows Registry value under the HKLM\Software\Policies\Microsoft\Windows NT\Printers key named CopyFilesPolicy. When set to ‘1’, CopyFiles will be enabled again.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us