Virtual printers fail after Windows updates with App Volumes
search cancel

Virtual printers fail after Windows updates with App Volumes

book

Article ID: 345392

calendar_today

Updated On:

Products

VMware

Issue/Introduction

This article highlights several historical improvements in terms of print security from the guest operating system.
Future Iterations of updates may potentially introduce future printing issues. Typically these tend to be resolved promptly with a new update.

Symptoms:
  • Recent windows updates have been applied to your guest operating system.
  • You encounter issues after the application of updates with mapping or printing.


Environment

VMware App Volumes 4.x
VMware App Volumes 2.x

Cause

Issue:
  • Updates KB4565349  / KB4570333 in 2020  included integrity checks on file paths interrogated by Spoolsv.exe. Due to this virtualized printers fail to install or print.
Update: From Appvolumes 2012 (4.3 ), Spoolsv is automatically included in the
HookInjectionWhitelist. This is documented in Appstacks are unable to print to Snagit or RightFax printers after installing windows updates (81246)

Legacy Workaround:
  • Key : HKLM\SYSTEM\CurrentControlSet\Services\svdriver\Parameters
  • Name : HookInjectionWhitelist
  • Type  : REG_MULTI_SZ
  • Append *\spoolsv.exe||* to the value 
Issues that can create a knock-on impact:
  • Updates KB500802 / KB5001567  in March 2021 introduced driver-specific spooler crashes, bluescreens with APC_INDEX_MISMATCH and created specific issues for Kyocera and DYMO print devices. Rectified in an out-of-band patch (KB5001649 )
  • Recommendations in terms of  PrintNightmare "CVE-2021-34527"   restrict printer installations which can have a knock-on with user-installed printers in writables.
  • Behaviour altered with Windows Print Spooler Remote Code Execution Vulnerability  CVE-2021-34481 results in administrative rights being required by default to Install Drivers (KB5005652)

Resolution

Option 1:
  • Uninstall the update temporarily and highlight the concern to the appropriate vendor.
Option 2:
  • Interrogate the issue on the file level to understand the precise impact and make a suitable adjustment utilizing third-party tools such as procmon to conduct this deep-dive.