Windows 10 PrintNightmare continues with yet another exploit

Despite Microsoft’s patch, researchers continue to find ways to exploit the PrintNightmare vulnerability on Windows 10.


What you need to know

The Windows print spooler vulnerability continues to be exploited by researchers. Security researcher Benjamin Delpy found several ways to bypass and take advantage of the vulnerability known as PrintNightmare. Delpy recently shared a video showing that an exploit allows people to effectively gain administrative privileges on a PC.

Microsoft issued a critical security patch for the PrintNightmare vulnerability, but researchers have found ways around it. Delpy’s workaround involves a print server that can install a print driver. This driver can then launch a Dynamic Link Library (DLL) file with SYSTEM privileges.

BleepingComputer installed the print driver in question and saw the same results as Delpy. Despite the test computer being a fully patched PC running the latest version of Windows 10, a user with standard privileges was able to disable Windows Defender and gain full SYSTEM privileges.

Want to test #printnightmare (ep 4.x) user-to-system as a service? 🥝 (POC only, will write a log file to system32)
connect to \https://t.co/6Pk2UnOXaG with
- user: .\gentilguest
- password: password
Open ‘Kiwi Legit Printer - x64’, then ‘Kiwi Legit Printer - x64 (another one)’ pic.twitter.com/zHX3aq9PpM
— 🥝 Benjamin Delpy (@gentilkiwi) July 17, 2021

Delpy’s method lets anyone who installs the remote print driver gain administrative privileges on a PC. This access could be used in several ways, including creating new users, installing software, or deploying ransomware on a PC.

Delpy told BleepingComputer that he’s trying to pressure Microsoft to release fixes for the vulnerability.

A CERT advisory from Will Dormann outlines multiple mitigations for the vulnerability:

The advisory breaks down each option in more technical detail. We also have a guide on how to mitigate the PrintNightmare vulnerability that we update as more information comes in.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.