Windows 10 users have been reporting multiple printing issues lately. Last week, Microsoft confirmed a bug that affects printing and scanning functions in certain scenarios and affects a small number of devices. The problem appeared after the latest Patch Tuesday updates delivered earlier this month but affects not only Windows 10 but also Windows 8.1 and Windows 7. Microsoft said it "released hardening changes for CVE-2021-33764," which might cause issues on a domain controller (DC).
The affected devices are smart card authenticating printers, scanners, and multifunction devices that don’t support DH or advertise support for des-ede3-cbc ("triple DES”) during the Kerberos AS request. Per section 3.2.1 of RFC 4556 spec, for this key exchange to work, the client has to both support and notify the key distribution center (KDC) of their support for des-ede3-cbc ("triple DES”). Clients who initiate Kerberos PKINIT with key-exchange in encryption mode but neither support nor tell the KDC that they support des-ede3-cbc ("triple DES”), will be rejected.
The company has now released emergency updates for Windows 10 version 1809 and version 1607. Microsoft is yet to update on when to expect these fixes for the newer versions of the operating system.
- Updates an issue that might prevent printers, scanners, and multifunction devices from working. This issue occurs on devices that do not comply with a certain specification and use smart card authentication.
Release notes for Windows 10 out-of-band updates KB5005393 and KB5005394 addressing printing bug
Addresses an issue with devices that do not comply with section 3.2.1 of the RFC 4556 specification. Noncompliant printers, scanners, and multifunction devices might not work when you use smart card authentication (PIV). This issue occurs after you install the July 13, 2021 update on domain controllers (DC) in your environment.
These Windows 10 out-of-band updates are only available via Microsoft Update Catalog, which makes sense since the issue doesn't impact everyone and is a targeted fix for those affected by this problem. For more details, check out release notes for version 1607 Build 14393.4532 over at this link and version 1809 Build 17763.2091 on this support page.