Optionally, to override all Point and Print Restrictions Group policy settings and ensure that only administrators can install printer drivers on a print server, configure the RestrictDriverInstallationToAdministrators registry value to 1. Starting with the July 2021 Out-of-band update, administrator credentials will be required to install signed and unsigned printer drivers on a printer server. Note Before installing the July 2021 Out-of-band and later Windows updates containing protections for CVE-2021-34527, the printer operators' security group could install both signed and unsigned printer drivers on a printer server. By default, only administrators can install both signed and unsigned printer drivers to a print server. After installing the July 2021 and later updates, non-administrators, including delegated admin groups like printer operators, cannot install signed and unsigned printer drivers to a print server. Security updates released on and after Jcontain protections for a remote code execution vulnerability in the Windows Print Spooler service ( spoolsv.exe) known as “PrintNightmare”, documented in CVE-2021-34527.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |