To mitigate the PrintNightmare vulnerability using PowerShell, follow these steps:

  1. Right-click on the Start Menu or press Windows+X.
  2. Click “Windows PowerShell (Admin).  If you receive a message from User Access Control asking if you want to allow the app to make changes, click Yes.
  3. Enter the following command to stop the Spooler service:
    Stop-Service -Name Spooler -Force
  4. Enter the following command to block Print service from starting again in future.
    Set-Service -Name Spooler -StartupType Disabled
  5. Close PowerShell window.

 

Once a proper fix is released and you want to re-enable the Print Spooler service, follow these steps:

  1. Right-click on the Start Menu or press Windows+X.
  2. Click “Windows PowerShell (Admin).  If you receive a message from User Access Control asking if you want to allow the app to make changes, click Yes.
  3. Enter the following command to enable the Spooler service:
    Set-Service -Name Spooler -StartupType Automatic
  4. Enter the following command to restart Print service:
    Start-Service -Name Spooler
  5. Close PowerShell window by typing exit

 

X
Proxurve