KB5004945 (out-of-band) fixes a printing vulnerability PrintNightmare

Microsoft has releases a new out of band patch KB5004945 to users running Windows 10 21H1, 20H2 and 2004. After installing it, you will have the following versions: Windows 10 2004 = 19041.1083, 20H2 = 19042.1083 and 21H1 = 19043.1083.

Windows 10 install update banner

The patch replaces the previously released update, and finally resolves the Remote Code Execution Vulnerability in Windows Print Spooler. It is known as CVE-2021-34527 and 'PrintNightmare'.

More details can be found on this support page.

It is worth noting that similar patches are now available for Windows 8.1 and even for not supported Windows 7 and Windows Server 2008. Microsoft recommends all Windows users to update their computers as soon as possible.

Besides the CVE fix, there is one more issue resolved in this update.

After installing these and later Windows updates, non-administrators are only allowed to install signed print drivers to a print server. By default, administrators can install both signed and unsigned printer drivers to a print server. Signed drivers are trusted by the installed root certificates in the system’s Trusted Root Certification Authorities.

All the patches are available via Windows Update, and for manual download from the Microsoft Update Catalog and Windows Server Update Services (WSUS).

It is a good idea to update your devices as the remote code execution vulnerability is already being exploited in the wild.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!


Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

4 thoughts on “KB5004945 (out-of-band) fixes a printing vulnerability PrintNightmare”

  1. My step-dad refuses to update from Win10 1809 and the out-of-band fix for that version won’t apply… so any ideas what do we can do now other than disabling the print-spooler forever?

    1. Here you go, Nighty!! Update for Win10 1809

Leave a Reply

Your email address will not be published.

Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.