Microsoft releases Windows 10 KB5005033 update to mitigate the printing service vulnerabilities
According to the Microsoft Support Announcement, the company has recently released a new cumulative update KB5005033 to adjust driver permissions for Windows 10 20H1/20H2/21H1.
This cumulative update has a test nature and will only be received when the user actively clicks the check update button, and the enterprise administrator can download it in advance for deployment testing.
The release of this update is mainly used to adjust the printer driver installation permissions, in fact, it is used to alleviate the security vulnerabilities of the printing service some time ago.
Therefore, it is only recommended for home or business users who use printers to install this update. After deployment, it may improve security and reduce the utilization of related vulnerabilities.
This security update mainly includes quality improvements. When the user installs the driver after deploying the update, he must have administrator rights to continue.
The Microsoft Security Blog explained the adjustment in detail. The Microsoft security team stated that the investigation of recent printing vulnerabilities made the team feel the need to adjust permissions.
Because the default behavior of Point and Print cannot provide customers with the level of security required to prevent potential attacks, such risks can be resolved after changing permissions.
The Microsoft security team firmly believes that it is reasonable to adjust the permissions, but if companies still need to use non-administrator permissions to install the print driver, there are ways.
The Microsoft security team recommends that if enterprise administrators need to disable mitigation solutions, they should evaluate their security requirements in detail before disabling them to avoid unnecessary security risks.