If you are unable to print or you get an error “0x0000011b” when trying to install a new printer this is probably due to one of the recent September updates.
The update was installed to resolve issues with a vulnerability called PrintNightmare & MSHTML (CVE-2021-1678), this update enforces a change on the print server to resolve this vulnerability however while doing that it also causes an issue with the authentication between your machine and the print server.
If printing is business critical we can put a fix on the server however this does then leave the systems open to the vulnerability so we would not recommend it.
More information on the update can be found here https://support.microsoft.com/en-gb/topic/managing-deployment-of-printer-rpc-binding-changes-for-cve-2021-1678-kb4599464-12a69652-30b9-3d61-d9f7-7201623a8b25
We have logged a support case with Microsoft this morning and we will update this page when we have any further updates.
UPDATE – 27/09/2021 15:36
We have spoken to Microsoft engineers and they are looking into the issue, at this time all they can recommend is the fix we have already found which compromises security so should be only be done if printing is critical.
UPDATE – 29/09/2021 09:51
We are still in discussions with Microsoft regarding a patch release to resolve the issues.
The latest update from Microsoft for mitigation is add registry key RpcAuthnLevelPrivacyEnabled = 0 on the print server, reboot the print spooler and add the shared printer on the client and do a print. once the print has been printed change the registry key it back to “1” and restart the print spooler service on print server to secure it, this is ok as a temporary fix if one or two users who need to print but it does not work as a workaround for all devices on the network.
We have not tested the above mitigation as we are waiting on more information from Microsoft on a patch release.
UPDATE – 01/10/2021 12:00
We have chased Microsoft today for an update.