No one can print to the network printers. This discussion on Microsoft's question and answer forum for IT professionals shows the problems administrators now face. Enforcement phase enforces the changes to address CVE-2021-1678 by increasing the authorization level without having to set the registry value." That September date was "Patch Tuesday" last week – though some admins were already having issues with network printing caused by Microsoft's other mitigation efforts. Microsoft's fix was in two phases, first to add a registry setting to increase the authorization level for remote access to printers and second, to inform admins that "the release transitions into the enforcement phase on September 14, 2021.
The problem is complex and first surfaced in January, when Microsoft issued this support note explaining that "a security bypass vulnerability exists in the way the Printer Remote Procedure Call (RPC) binding handles authentication for the remote Winspool interface." Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working.
0 kommentar(er)
