New blog just dropped. https://techcommunity.microsoft.com/t5/security-compliance-and-identity/a-new-modern-and-secure-print-experience-from-windows/ba-p/4002645

We are making massive changes to the Print System in Windows to improve security. This represents a pretty big leap forward for security in Windows. The Print System in Windows has historically been a key target for attackers and these changes make significant reductions in total attack surface.

Moreover, we intend for this to become the default for users in the future. No more loading 3rd party print drivers, no more high privilege services, and robust exploit mitigations enabled to protect users.

There is a lot of work to do; this first release is only a step in the direction we are taking. But I feel it is the right direction for user safety.

A new, modern, and secure print experience from Windows

Over the past year, the MORSE team has been working in collaboration with the Windows Print team to modernize the Windows Print System. This new design,..
@spoofy no more NTLM then? :)
@d0m3l glad you asked... if you watched this https://www.youtube.com/watch?v=zlhoAYsSd4c you'd know spooler is one of the larger NTLM surfaces in Windows. Removing it by default would be a big win. A security guy like myself would really be pushing for something like that, but I can't promise anything at the moment. There are a LOT of changes happening all at once, which complicates things.
BlueHat Oct 23. S18: Deprecating NTLM is Easy and Other Lies we Tell Ourselves
@spoofy I was at BlueHat live and was heckling Steve from the audience during this recording :)
@d0m3l @spoofy I REMEMBER
@d0m3l @spoofy We actually had a chat with the Print Spooler folks and as much as I would love to take credit for their actions, they actually did a TON of work to harden the heck out of this, as of Windows version [I don't remember]. Good things are afoot.