This service spools print jobs and handles interaction with printers. The recommended state for this setting is: Disabled. Rationale: In a high security environment, unnecessary services especially those with known vulnerabilities should be disabled. Disabling the Print Spooler (Spooler) service mitigates the PrintNightmare vulnerability (CVE-2021-34527) and other attacks against the service. Impact: Users will not be able to print, including printing to files (such as Adobe Portable Document Format (PDF)) which uses the Print Spooler service.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled: Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Print Spooler Default Value: Automatic