Solved Protecting from PrintNightmare with workarounds

[retspag]

There seems to be two ways to protect from the PrintNightmare with workarounds (not using win update)
Security Update Guide - Microsoft Security Response Center

I can Disable the Print Spooler service (but then I can't print)

Or I can "Disable inbound remote printing through Group Policy"
This I don't use.
But I have win 7 home premium so I have no Group Policy menu.

I want to know If I go to:

Control Panel\All Control Panel Items\Network and Sharing Center\Advanced sharing settings

And make sure "file and printer sharing" is set to off does that accomplish the same thing?

Thanks for any help.

 

[Alejandro85]

The first workaround is the best if you don't use printers at all, as it simply kills the vulnerable service.

The second option kills remote printing, you can print locally but not from other computers on the network. If you don't use it, it's a good option. The "group policy" is just eye candy for a bunch of registry values, which is available to any Windows edition, so you can also use it if you want. Look here for the details.
This will still pose a local vulnerability (a privilege elevation for all local programs), but no longer remote.

No idea about disabling "file and printer sharing". Most likely it'll disable the server service, but not the spooler. My guess is that it won't prevent the vulnerability.

Yet another option is to use a firewall to block the spooler.

 

[retspag]

Thanks for the help.
After you gave me the link I was able to use that info to look up how to do that.

Here's information I used if it helps anyone else out.
https://www.askvg.com/security-alert-immediately-disable-printer-spooler-service-in-windows/