Please check back here for updates M-F at 3 pm 7/15/21 3:00pm: There are no major updates today, please just review yesterday's notes below. If possible, please leave your computer powered on tonight as we try to get all affected computers remediated. 7/14/21 3:00pm: There are no major updates today, please just review yesterday's notes below. If possible, please leave your computer powered on tonight as we try to get all affected computers remediated. 7/13/21 6:35pm: For the computers that need to upgrade to newer OS first: 7/13/21 2:18pm: CNS IT will begin pushing patches in short phases over the course of the week for your Managed Windows Device(s) to update:
As we detect systems with Printer Spooler service patches applied, we'll start lifting the policies that we stopped and disabled. A reboot may be required in order to see printing available again.
|
What is this about?
CNS IT will be setting a policy to disable the Print Spooler Service on managed Windows systems on Thursday, July 1, 2021 at 7:00am CST.
Why is this happening?
A critical exploit has been identified in most Windows systems, involving the Print Spooler Service. At this time, a fix hasn't been released. Until a fix exists, the UT Information Security Team has requested that the Print Spooler Service be disabled on Windows systems at UT Austin. More information on the vulnerability can be found here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
What will happen if my computer isn't made compliant?
The ISO will be quarantining devices as soon as they can scan for this vulnerability. We have a short grace period until that happens to get the Spooler Service disabled and turned off.
We will be disabling the Spooler Service as a policy that will automatically adjust the Print Spooler Service on your computer. Please run through the following to make sure that the policy has successfully disabled your Print Spooler Service.
Since CNS IT doesn't remotely manage your computer, here are some steps you can follow to manually disable the Print Spooler Service on your Windows device.
Open the Services snap-in.
Find the Print Spooler Service, right-click it, select to Properties.
Press Stop
in the Properties window to stop the Spooler Service.
Set the startup type to disabled
to make sure the Service won't start again when you reboot.
Make sure you Press Apply and OK before you close the Services window.