Windows 10 printnightmare fix SECURITY

Again Microsoft creates vulnerable software then only half way fixes it. I try to keep up with Windows 10 security but that is an impossible task. However you should get Windows 10 updates as soon as possible. I have my machine set for automatic updates but many turn that off or delay even checking with a “pause”.

If you are interested see this link about the “printnightmare” vulnerability.

My Windows 10 just updated to 21H1 Feature Update and then the Cumulative update for 21H1.

I wish I could run linux instead of Windows (Winders).

Additional information at forbes.com

I really do hate Windows, but had to buy a Surface Pro for my business to run software that wasn’t available for any other platform. Also, it’s my ambition to (eventually) use Vectric software, which unfortunately only runs on Windows, so I’m keeping hold of it, for the time being.

Fortunately, CC and CM will run on a Mac, so have you considered a cheapo MacBook? I currently use CC on my Mac and, using a shared folder, the Surface Pro on my Shapeoko, but this would work for a MacBook, too - without the Windows problems!

Depending what you want to use, you can run Windows inside a virtual machine on Linux. It doesn’t deal well with heavy 3D workflows so I wouldn’t recommend it for Fusion 360 or SolidWorks or anything but for CM and CC it shouldn’t be a problem.

An advantage of running it in a virtual machine is that you can completely cut it off from the internet, so there’s no chance of remote compromise.

Does Windows even need to be connected to the internet?

I run my Windows desktop from within MacOS, using MS Remote Desktop, but hadn’t thought about disconnecting it form the internet, to be honest.

Of course not but the person using it usually appreciates internet access when using it as a general-purpose computer :slight_smile:

1 Like

You have to also look at risk vs likely hood. Yes a risk has been identified, but the likely hood of the exploit being used against anyone here on this board is pretty low. Most of us are connected to the internet behind a router that provides a NAT service that hides your internal IP address from the outside. If you are selective about the web sites you visit, and the “joke” links in emails are ignored and so on, your likely hood of “attack” will drop significantly. In order for most exploits to occur, the attacker must already have access to your OS in order to elevate rights to then do bad things.

If you have a machine that is Windows based and you are worried about this exploit, then disable the Print Spooler service, assuming that you don’t print from it …

1 Like

I think the last time I used the print spooler service was on NT3.5.1, might have been NT4…