Microsoft released the KB5004956 update for Windows Server 2012 overnight. The update includes improvements and fixes that were part of KB4503697 for Windows Server 2012, dated June 8, 2021. CVE-2021-34527 Microsoft fixes security vulnerabilities in Windows Print Spoiler service. After installing this and subsequent updates, non-admin users can only install signed printer drivers on the print server. Microsoft recommends installing this update on all Windows clients and servers, starting with devices that currently play the role of print server. A list of known issues can be found at Microsoft. The update can now be downloaded from the Windows Update, Microsoft Update or Windows Server Update Services and Microsoft Update list. More information about this update can be found below or through Microsoft.
Download -> Download KB5004956 Update for Windows Server 2012
Update Roll KB5004956 is now available for download from Microsoft:
The update includes the following improvements and bug fixes:
As documented in CVE-2021-34527, remote code activation on a Windows print spoiler service called “Print Nightmare” refers to exploitation. After installing this and later Windows updates, non-admin users can only install signature print drivers on the print server. By default, administrators can install both signed and unsigned printer drivers on the print server. Root certificates installed on the system’s trusted root certificate authorities trust the signed drivers. Microsoft recommends that you immediately install this update on all supported Windows client and server operating systems, starting with devices that currently offer print server role. You have the option to configure the RestrictDriverInstallationToAd Administrators Registry to prevent non-administrators from installing signature printer drivers on the print server. For more information, see KB5005010.
Additional information about KB5004956 for Windows Server 2012 is available from Microsoft.
CVE-2021-34527 | Vulnerability in Windows Ax spool remote code activation
Unplanned security updates for Windows can now be downloaded: