Microsoft is having problems patching the PrintNightmare vulnerability, but these tips should help overcome the issues on Windows 10.
Although Microsoft has quickly released an out-of-band update to fix the PrintNightmare vulnerability on Windows 10 and older versions of the OS, it appears that the rollout is causing additional unwanted issues among users.
Shortly after releasing update KB5004945, a small number of users began to report that their printer stopped working after applying the patch. Although this has been affecting mainly Zebra printers, the problem is also affecting other brands. Microsoft has acknowledged the problem, and it's working to provide a permanent fix in the coming days. In the meantime, the software giant recommends uninstalling the update or reinstalling the printer driver using an account with administrative privileges to address the issue.
If that wasn't enough, some users seemed to have tried to work around the patch by editing the default print settings using the Registry. However, after an investigation regarding the effectiveness of the update, Microsoft claims that the "security update is working as designed and is effective against the known printer spooling exploits and other public reports collectively being referred to as PrintNightmare." The company also recommends that after applying the update to check the Registry to confirm the settings are set 0 (zero) to keep the device secure.
In this Windows 10 guide, we will show you the steps to uninstall update KB5004945 or reinstall the print driver if you have problems printing. In addition, we will outline the steps to make sure your device remains protected after applying the PrintNightmare patch.
- How to fix PrintNightmare update print issue on Windows 10
- How to fix PrintNightmare update security issue with Registry and Group Policy
How to fix PrintNightmare update print issue on Windows 10
If you have installed update KB5004945, and following the installation, you cannot print on Zebra or other printer brands, and you must continue printing, then you can uninstall the patch to regain printing functionality. However, consider that the device will not be protected using this approach until a permanent fix becomes available.
Uninstall update KB5004945
To uninstall the cumulative update KB5004945 to fix printer problems, use these steps:
- Open Settings.
- Click on Update & Security.
- Click on Windows Update.
-
Click the View update history button.
-
Click the Uninstall updates option.
- Select the Security Update for Microsoft Windows (KB5004945) update.
-
Click the Uninstall button.
- Click the Yes button.
- Click the Restart now button.
Once you complete the steps, the update will be installed, and the device will revert to the previous build, resolving the printing issues with the update.
If you use a Zebra-branded printer, you can also contact the manufacturer for additional assistance.
You can also use these workarounds to protect your device against the vulnerability, but you may lose printing functionality until a permanent fix release through Windows Update.
Reinstall print driver
Microsoft also recommends an alternative solution, which is uninstalling and reinstalling the printer driver using an account with administrative privileges.
The instructions below outline the steps to uninstall and reinstall a device driver using Device Manager. If you use an application from the device manufacturer to control the printer, check the device documentation on specific details on how to reinstall the driver.
To uninstall and reinstall a print driver on Windows 10, sign in with an administrator account, and use these steps:
- Open Start.
- Search for Device Manager, and click the top result to open the app.
- Expand the Imaging devices branch.
-
Right-click the printer and select the Uninstall driver option.
-
Click the Uninstall button.
Quick tip: You can also check the Delete the driver software for this device option to force the system to re-download the driver from Windows Update. However, if the driver is not listed on Windows Update, you will have to download it manually from the manufacturer's support website.
-
Click the Actions menu.
- Click the Scan for hardware changes option.
After you complete the steps, Windows 10 will reinstall the driver, and the printer should now work again.
How to fix PrintNightmare update security issue with Registry and Group Policy
If you have installed update KB5004945 and the printing functionality works, but you have previously changed the default Point and Print Restrictions printing Registry settings, you may still be vulnerable.
Warning: This is a friendly reminder that editing the Registry is risky and can cause irreversible damage to your installation if you don't do it correctly. It's recommended to make a full backup of your PC before proceeding.
Fix security issue with Registry
To make sure that the PrintNightmare patch works effectively, use these steps:
- Open Start.
- Search regedit and click the top result to open the Registry Editor.
-
Browse the following path:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
-
Double-click the NoWarningNoElevationOnInstall DWORD key and set its value to 0.
- Click the OK button.
-
Double-click the UpdatePromptSettings DWORD key and set its value to 0.
- Click the OK button.
If the DWORD keys are not present, there's no action needed on your part, which means that your computer is protected against the PrintNightmare vulnerability.
Fix security issue with Group Policy
If you have previously configured the Point and Print Restrictions Group Policy, make sure the settings are configured as followed:
- Open Start.
- Search for gpedit and click the top result to open the Group Policy Editor.
-
Browse the following path:
Computer Configuration > Administrative Templates > Printers
-
Double-click the Point and Print Restrictions policy.
- Select the Enabled option.
-
Under the "Options" section, in the "Security Prompts" area, select the Show warning and elevation prompt option for the "When installing drivers for a new connection" setting.
- Select the Show warning and elevation prompt option for the "When updating drivers for an existing connection" setting.
- Click the Apply button.
- Click the OK button.
If the policy is set to "Not configured," then you don't need to take any action. You can find more information at this Microsoft documentation page.
More Windows resources
For more helpful articles, coverage, and answers to common questions about Windows 10 and Windows 11, visit the following resources:
No comments: