0

I work for a company with a large user base. There is a requirement to allow users to add printers to their laptops e.g. when working from home.

What are the security risks? Is their a bad actor can use a printer to hack the laptop? Can a print driver elevate privileges and causes something bad to happen?

Architect
  • 631
  • 1
  • 6
  • 9
  • I believe stuxnet used the Windows printer system as a vector to exploit systems. Historically it has had a lot of exploits that lead to privilege escalation. – user Sep 14 '21 at 16:14

1 Answers1

3

The recent PrintNightmare attack takes advantage of printer driver installation, and one of the mitigations Microsoft has put in place is to restrict the ability to install printer drivers to Administrators. So, yes, a bad actor can hack a laptop if regular users are allowed to install print drivers. And apparently limiting it to Administrators is not wholly sufficient:

Researchers have noted that the vulnerability has not been fully addressed by the patches. After the patch is applied, only administrators will be able to install printer drivers on a Windows print server, as part of the vulnerability related to the ability of non-administrators to install printer drivers on the system.

gowenfawr
  • 71,975
  • 17
  • 161
  • 198