CNS IT will be setting a policy to disable the Print Spooler Service on managed Windows systems on Thursday, July 1, 2021 at 7:00am CST.
Why is this happening?
A critical exploit has been identified in most Windows systems, involving the Print Spooler Service. At this time, a fix hasn't been released. Until a fix exists, the UT Information Security Team has requested that the Print Spooler Service be disabled on Windows systems at UT Austin. More information on the vulnerability can be found here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
What will happen if my computer isn't made compliant?
The ISO will be quarantining devices as soon as they can scan for this vulnerability. We have a short grace period until that happens to get the Spooler Service disabled and turned off.
CNS IT Managed Computers:
We will be disabling the Spooler Service as a policy that will automatically adjust the Print Spooler Service on your computer. Please run through the following to make sure that the policy has successfully disabled your Print Spooler Service.
Computers not under full CNS IT management, and self-managed computers:
Since CNS IT doesn't remotely manage your computer, here are some steps you can follow to manually disable the Print Spooler Service on your Windows device.
Open the Services snap-in.
- You can find it by searching for 'Services' in the bar next to the Start menu (Windows 10) or at the bottom of the start menu (Windows 7).
- Run the Services snap-in as administrator, on the right side of the Start screen (Windows 10) or by right-clicking (Windows 7 and some custom Windows 10 layouts).
- If prompted for administrator access, enter administrator account credentials if you have them.
Find the Print Spooler Service, right-click it, select to
Stop in the Properties window to stop the Spooler Service.
Set the startup type to
disabled to make sure the Service won't start again when you reboot.
Make sure you Press Apply and OK before you close the Services window.