<img src="https://ws.zoominfo.com/pixel/PMY3ZvbpZt27ywWwZSBB" width="1" height="1" style="display: none;">

Production Print & Finishing

Maximize your business potential and open new revenue possibilities with start-to-finish production print and wide format solutions from EO Johnson and Standard Dynamics finishing solutions.

Office Print

You demand multifunction copiers that are easy to use and cost-efficient. With thorough training and prompt service response, you’ll find EO Johnson’s copiers are as dependable as you are.

locknet-dark

Locknet® Managed IT

Locknet® Managed IT offers security, network defense, backup and managed services to help businesses in Wisconsin, Minnesota, and Iowa develop successful technology strategies, whether you’re small to medium sized, regulated, non-regulated, or have little to no IT staff.

Digital Transformation Consulting

Our solutions help you with a specific document need or work together for a powerful combination to increase efficiency and productivity.

Support

With more than 85 technicians throughout our service areas we have technicians close to you throughout Wisconsin, Minnesota and Northern Iowa – average response for a technician to arrive at your site is under 4 hours. 

e-Info Client Portal 
Remote Support Portal 
decreased_demands_icon
Place a Service Call

For Copier and Printer Service
844.342.5365

For Production print and Finishing
844.236.7567

EO Johnson Locknet® Managed IT Services
877.408.1656

Software Solutions
844.304.8791

Fill Out a Service Form

Waking from Microsoft's PrintNightmare

3 min read

hero_angles

Managed Service Provider offers network security advice

PrintNightmare (CVE—2021—34481) is a low-complexity, high-impact hacking vulnerability discovered and documented by security engineers. A miscommunication led to the exploit documentation being released prior to Microsoft developing an effective patch to prevent its misuse. Having a managed security provider or other network security expert on your side is critical to ensuring your company data is protected.

Here is some invaluable advice from the experts at EO Johnson Business Technologies and Locknet® Managed IT.

Immediate caution advised

Following Microsoft Update (KB5005652, 8/10/2021) — Installation of any print driver on an existing print server may cause existing printing using shared print queues to halt and popup notifications requiring Administrator Authentication to display.

By default, non-administrator users will no longer be able to do the following using Point and Print without an elevation of privilege to administrator:

  • Install new printers using drivers on a remote computer or server
  • Update existing printer drivers using drivers from remote computer or server

Temporary mitigation

During the initial period of self-mitigating the risk of the PrintNightmare vulnerability, Microsoft and third-party security experts recommended disabling the Print Spooler service on any non-print essential Windows PC and Server. On any system requiring print functionality, IT staff was encouraged to limit the permissions of the “System” account on the print driver directory within the Windows system files. These short-term efforts were effective in immediately blocking the attack vector but also limited the long-term functionality of the Operating System.

Microsoft’s permanent PrintNightmare solution — released August 10

On August 10, 2021, Microsoft released an update for Windows (KB5005652) to permanently block the PrintNightmare vulnerability. In doing so, permissions between Client/Print Server environment utilizing Point and Print connections have changed. Microsoft has created a Registry Key to toggle the behavior. By default, it's enabled following the installation of the Windows Update. Microsoft recommends keeping it enabled to eliminate the risk. However, a temporary rollback of the behavior is possible, via the Registry, to balance the functional impact on workflow versus the security risk of Print Nightmare.

Official Microsoft Documentation
https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872

How will this affect you?

By default, Microsoft will now require a non-administrator to elevate permissions to pull print drivers or print driver updates from a Print Server to a Client PC.

What will trigger the elevation prompt?

Any change to the print drivers on an existing print server can potentially update a shared driver file currently in use by existing print queues. If a Client PC sees a driver file has been updated on the host print server, printing will be blocked until the file is pulled from the print server and installed locally on the Client PC. This action will now require administrator elevation.

What printing is unaffected and potential workarounds

  • Locally installed print queues sending print jobs directly to print hardware
  • Locally installed print queues sending print jobs to a server via LPR/LPD protocol
  • EOJ Print solutions that have alternative methods of distributing drivers and queues — ask your sales contact for more information

Point and Print explained

Point and Print is Microsoft’s terminology for connecting a Windows client PC to a printer centrally managed on a Windows print server without requiring installation media at the client. When adding a printer hosted on a Windows print server (Start — Printers and Scanners — Add Printer) or (Start — Search <enter \\<print server name or IP > — double click printer name) a connection to the central print queue is made. The driver files and configuration of that central print queue are pulled from the print server and installed onto the client PC. A print job created on the client PC is generated using local print driver files and then relayed back to the print server’s central print queue for processing to the printer for output onto paper.

Official Microsoft Documentation
https://docs.microsoft.com/en-us/windows-hardware/drivers/print/introduction-to-point-and-print

Having the right network security partner in place
is essential

Vulnerabilities, hacks, phishing, and other threats in the digital space continue to cause havoc for organizations of all sizes. Having a trusted network security partner in place is essential to ensuring the safety and integrity of your company data. For enterprise-sized entities, this can free up valuable IT resources to tend to daily business needs while also tapping the unparalleled expertise of IT security professionals who are knowledgeable about the quickly evolving threats to your data.

Contact us to learn more about how the professionals at EO Johnson Business Technologies and Managed Service Providers like Locknet Managed IT can ensure the proper mitigation measures are in place for PrintNightmare and other threats to your organization's network security.

angle_down_right
click_Icon

angle_up_middle

No Comments Yet

Let us know what you think