On Tuesday, Microsoft once again broke with its normal update cycle, publishing a series of updates to address a bad security flaw in the Windows print spooler service.
The print spooler exists in all versions of Windows, including Windows 7, and the vulnerability is serious enough that Microsoft issued an update for that O/S, which is technically no longer supported.
The print spooler vulnerability, which is often referred to as PrintNightmare, is documented in CVE-2021-34527.
Although technically the vulnerability could be exploited on any Windows computer, an attacker would need direct or remote access to that computer, and be able to log in as a regular user. Although that scenario is somewhat unlikely for most home users, the risk increases for computers with Remote Desktop enabled, public or shared computers, and computers on business and educational networks that connect to domain controllers.
Because Microsoft now bundles updates together, it can be difficult to identify which downloads apply to any particular update. In almost all cases, the best approach is to check Windows Update.
On Windows 10, navigate to
Update & Security >
Windows Update. Check for updates. If you see the update KB5004945 pending, install it. If you don’t see that update, click the link to ‘View update history’ and make sure KB5004945 has been installed.
The process is the same for older versions of Windows, except that Windows Update is accessed via the Windows Control Panel. The update number will also vary, depending on the Windows version. On Windows 8.1, it’s KB5004954.