It’s not uncommon for software to have some bugs, even ones that go undiscovered for years. There are bugs, however, that are so severe that developers and companies scramble to plug up holes as fast as they can. That is the nightmare situation that Microsoft and Windows users have suddenly found themselves living with this aptly named PrintNightmare bug. Microsoft quickly pushed out a patch to address the issue, but the nightmare doesn’t seem to be over just yet.
In a nutshell, the PrintNightmare exploit targets Windows Print Spooler, the subsystem that manages printing jobs on a local network. By installing a potentially compromised printer driver, attackers will be able to run arbitrary code with administrator privileges. Unfortunately, prior to the fix, ordinary users can install such drivers.
Since the bug was being actively exploited, Microsoft quickly released a patch to address that matter without having to wait for its usual patch schedule. While that did fix the biggest problem, the KB5004945 update seems to have also broken some other things in the process. In particular, Windows computers that have installed the update are no longer able to connect to receipt or label printers, especially those from Zebra.
The good news is that Microsoft has acknowledged that the issue exists. The bad news is that the most immediate fix is for owners of affected PCs to roll back the update. This, of course, means undoing the protection fix for PrintNightmare, but Microsoft promises that a proper fix will be coming really soon.
This new complication comes after the disclosure that the PrintNightmare fix can actually still be bypassed under certain Point and Print configurations. Microsoft has updated its Security Update Information to include instructions on checking and closing those doors.