Hello, welcome to the Thursday, July 8, 2021 edition of the Sansonet Stormontas Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Brent Nightmare.

Well, the nightmare is sort of over, but not quite yet with the patch released yesterday by Microsoft.

So just a quick update on the patch.

As I'm recording this, all versions of Windows all the way back to Windows 7 should have

the patch available.

That was a little bit confusion during the day in a couple delays, I guess, on Microsoft's side to actually get the last couple operating systems patched up.

But yes, it should be available now for all operating systems that are affected and still somewhat supported by Microsoft.

With, of course, Windows 7 being actually not quite supported anymore, but the Microsoft

sometimes does it where they do push out critical patches like this even for unsupported

versions of operating systems.

However, the patch doesn't fully address the vulnerability just by applying the patch itself.

To understand that, let's recap what's actually the problem here.

The problem is that a normal user is able to supply a printer driver.

And there is one particular feature in Windows that requires the user to actually supply

a printer driver, and this is the point and print a feature that is enabled by default.

In order to completely fix the problem, you have to disable point and print.

Microsoft also did introduce a new registry setting in order to limit who is allowed to install

drivers. Restrict driver installation to administrators is the setting. And well, if you set that to one or true, then the administrator

is the only user allowed to install printer drivers. Highly recommend installing or setting

this registry value because it also does get to the root of the actual problem here that random users are

...