/build/static/layout/Breadcrumb_cap_w.png

PrintNightmare - Script to apply CVE-2021-34527 & Microsoft KB 5005010 on Registry

Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Recommends add:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint

NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)

NoWarningNoElevationOnUpdate = 0 (DWORD) or not defined (default setting)

KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates

https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7

Recommends add:

RestrictDriverInstallationToAdministrators = 1 (DWORD) 

_____________________________________________________________________________________________________________________________________________________________________________________

KACE Script

Verify

1. Verify a registry key does not exist...

Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint

On Success

1. Set a registry value...

Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint

Name:  RestrictDriverInstallationToAdministrators

Type: REG_DWORD

Data: 1

2. Set a registry value...

Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint

Name:  NoWarningNoElevationOnInstall

Type: REG_DWORD

Data: 0

3. Set a registry value...

Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint

Name:  NoWarningNoElevationOnUpdate

Type: REG_DWORD

Data: 0

4. Log message..

Type: Status

Message: Registry Workarround Completed



Comments

This post is locked

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ