Dears,
the latest Windows updates is causing a lot of problems with network printers mapped on a print server.
Reference:
KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481)
Managing deployment of Printer RPC binding changes for CVE-2021-1678 (KB4599464)
unable to use the print server with the new registry key RpcAuthnLevelPrivacyEnabled
The system logs reports this error: 0x0000011b
1) Apply this registry key to disable the new default settings related to the print spooler vulnerabilities
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print
RpcAuthnLevelPrivacyEnabled = 0
- Right-click on the Start button to open the WinX Menu
- Select Run
- Type services.msc in the Run box which opens
The above workarounds are only a temporary solution to survive and allow users to print.
What is unclear to me is what should be the right way to manage these settings in a corporate environment without any end user interaction.
So, if I want to be protected and apply the recent security fixes without asking the end users to do something, what should I do?
Microsoft states that you need to set "RpcAuthnLevelPrivacyEnabled" to "1" on both Client and Print Server in order to be protected, but if you do this, you can't print.
So, what should we do in a Corporate environment to be secure and print without any end user interaction about "driver installation" etc.?
Thanks in advance