Compudyne IT Security Update: PrintNightmare Patching

If you’ve been keeping an eye on the news, you’re likely already aware of the vulnerability currently affecting Windows users. This security flaw, known as PrintNightmare or CVE-2021-34527, impacts the Windows Print Spooler service.

The Compudyne team is keeping a close eye on this situation as it evolves and is implementing Microsoft’s recommendations and best practices. We will update this blog with new information and updates as they become available.

Microsoft released an out-of-band patch to address the vulnerability on July 6, 2021. To best protect our customers, Compudyne has decided to wait until Microsoft releases the in-band patches, which we will promptly implement during our regular overnight patching window.

We feel confident in our decision to wait, as we trust our clients are following security best practices and are therefore not likely at risk. Microsoft’s out-of-band patch has known problems with some printers (i.e., Zebra Printers) and may cause some printers to stop working.

For any clients who would like to take precautionary measures ahead of the in-band patch, Compudyne can push the out-of-band patch or implement other mitigation measures. Please visit portal.compudyne.com to create a service ticket and request service.

What is PrintNightmare?
PrintNightmare is a vulnerability in Microsoft’s operating system that could allow cybercriminals to infiltrate local networks via the Windows print spooler. The vulnerability can allow attackers to exploit companies when print capabilities are exposed to the internet. Once they have gained access, attackers can delete data, install programs or create new user accounts.

How can you protect your network?
Compudyne highly recommends regularly updating all passwords and using multi-factor authentication whenever possible. Safe password best practices include:

- Use different passwords for every account
- Passwords should be at least 12 characters long
- Include an uppercase letter, lowercase letter, number and symbol
- Don’t use common phrases or words
- Make it difficult to guess

How is Compudyne protecting your network?
Our team is monitoring Microsoft’s recommendations closely. We are ready to roll out the in-band patch from Microsoft as soon as it is available. We will implement patches for our clients within their normal patching window but can push the out-of-band patch at a client’s request. Please visit portal.compudyne.com to create a service ticket and request service.