Microsoft just discovered another windows printer vulnerability (CVE-2021-34481) that could be exploited by hackers. This comes right after the company released a security patch this month to fix thePrintNightmare Flaw. This new vulnerability allows hackers to install programs; view, change, or delete data; and create new accounts on your PC.

However, an attacker must have the physical access to execute code on a target system to exploit this vulnerability. There’s no telling when this flaw will be patched, but there is a temporary workaround for those who might be concerned. The workaround for this vulnerability is stopping and disabling the Print Spooler service, as suggested by Microsoft in its security advisory.

windows printer vulnerability

How to disable the Print Spooler service to fix printer vulnerability?

Option 1 (PowerShell)

You would not be able to print locally or remotely after turning off the Print Spooler service. However, your device should be protected against PrintNightmare or any other printer vulnerability attack.

  1. Search forPowerShellin the Start Menu and run the program as anadministrator.

print-vulnerability-powershell

  1. Type in the following command to stop the Print Spooler service and pressEnter.

Stop-Service -Name Spooler -Force

  1. Type in the following command to prevent the service from starting back up again during restart and pressEnter.

Set-Service -Name Spooler -StartupType Disabled

Option 2 (Group Policy)

By doing this, the printer directly connected to the device will continue to work but won’t work remotely. This is what I would recommend, as most hackers tend to use these kinds of vulnerabilities remotely. However, this method won’t work for Windows 10 Home users.

1. OpenStartand search forgpedit.msc.

  1. Now go toComputer Configuration > Administrative Templates > Printers. Scroll down and double-click theAllow Print Spooler to accept client connections.

3. Select theDisabledoption, clickApply,thenOK.

How to re-enable the Print Spooler service after a fix for printer vulnerability?

Once Microsoft fixes this issue with a security patch, you may enable your Print Spooler service using the same method you disabled it.

1. Search forPowerShelland run the program as anadministrator.

Set-Service -Name Spooler -StartupType Automatic

  1. Type in the following command to start the Print Spooler service and pressEnter.

Start-Service -Name Spooler

3. Select theNot Configuredoption, clickApply,thenOK.

Just like the case of PrintNightmare, until a security patch is released, this is the only known method by which people can secure their devices. Until then, verify to take care of this Microsoft Windows vulnerability by using this workaround.

print-vulnerability-command

print-vulnerability-disable-printer

Article image