How to Secure your Device and Enable Print Spooler Service in Windows 10 Following PrintNightmare

 

This article assumes that you have appropriate administrative priviledges and access to edit your windows settings. If you do not have access or would like additional help, please visit this service: https://helpcenter.mines.edu/TDClient/1946/Portal/Requests/ServiceDet?ID=50058

Additionally, this article is targeted for personal devices and devices not managed by Mines. All Mines managed / ADIT controlled devices will receive the below steps automatically according to the deployment plan in the PrintNightmare Response page. 

 

Getting Started Checklist: You Must Complete the Following 2 Things Before Proceeding to the Solution Steps

1. Apply the Patch by going here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527 for patch guidance

2. Ensure Point-and-Print is securely configured: 

If you need assistance with making changes to your Registry with RegEdit, our Mines Service Center (MSC) is here to help! Get started with an MSC service request at any time or call our support line at 303.384.2345. 

To harden Point and Print make sure that warning and elevation prompts are shown for printer installs and updates. These are the default settings but verify or add the following registry modifications following the steps below. 

Using Registry Editor incorrectly can cause serious, system-wide problems that may require you to re-install Windows to correct them. We cannot guarantee that any problems resulting from the use of Registry Editor can be solved. Use this tool at your own risk.

  1. Press the Windows + R keys to bring up a search box
  2. Type: regedit  and press enter, you will then receive an administrator prompt (you will either need to select yes if already signed in with an administrator account, or enter the administrator credentials of your device)
  3. Using the file directory on the left select HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows NT \ Printers \ PointAndPrint 
    • Note: If any of those locations do not exist, your device already has the default, secure registry keys below. You can proceed to the solution below. 
  4. For the following registry keys, change the value to zero. You can do this by double clicking on the items.
    • NoWarningNoElevationOnInstall = 0
    • NoWarningNoElevationOnUpdate = 0
    • RestrictDriverInstallationToAdministrators = 1 
      • Please note, if one of the above keys did not exist, it is already set to the default value, you do not need to take any further action, and may proceed to the solution below

Animation (GIF) demonstrating steps 3 and 4 from above on how to modify registry to Microsoft recommendations

Animation (GIF) demonstrating steps 3 and 4 from above on how to modify registry to Microsoft recommendations

 

SOLUTION

After completing the 2 steps above, the following steps can be followed to allow you to re-enable the Print Spooler service in Windows 10. If you'd like to see a Visual version with screenshots to accompany each step, skip below which demonstrates these same steps. Both instruction sets assume that you have successfully logged into Windows prior to starting.

  1. Press the Windows + R keys to bring up a search box
  2. Type: Services.msc
  3. Scroll down the list of services and locate the "Print Spooler" Service
  4. Right-Click the Print Spooler service and select "Properties"
  5. Change the Startup Type to "Automatic" and hit "Apply"
  6. Choose "Start" in the Button List located Under "Service Status" to re-start the service, followed by "OK"
 

 

Step by Step with Screenshots:

  1. Press the Windows + R keys to bring up a "run" dialog box
  2. Type the following in red into the dialog box: services.msc
    • Run Dialog Box showing "services.msc" typed out
  3. Scroll down the list of services and locate the "Print Spooler" Service
    • Windows 10 Services List
  4. Right-Click the Print Spooler service and select "Properties"
    • Windows Service Properties
  5. Change the Startup Type to "Automatic" and hit "Apply"
    • Windows Print Spooler Startup Type Options
  6. Choose "Start" in the Button List located Under "Service Status" to re-start the service, followed by "OK"Print Spooler Service Status: Start Button

 

 

Details

Article ID: 134148
Created
Wed 7/7/21 10:29 AM
Modified
Thu 8/12/21 4:36 PM