Microsoft recently patched all desktops requiring administrative privilege to install drivers. What this means is if your business is not using a print server and you manually installed printers to each machine, without admin rights – those printers may not be connected any longer.

Basically this restriction eliminates the ability of non-admins to:

  • Install new printers using drivers on a remote computer or server
  • Update existing printer drivers using drivers from remote computer or server

You might be tempted to quickly grab regedit and:

Reg setting to be modified/added (no reboot needed)
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
Dword: RestrictDriverInstallationToAdministrators
Value: 0
Don’t do it!
You could be opening yourself up to the remote execution vulnerability CVE-2021-34481, that this patch blocks.
If you haven’t read up on this vulnerability, the exploit allows privileged file operations for anyone that gains access to the machine.  An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.