This service spools print jobs and handles interaction with printers. The recommended state for this setting is: Disabled. Rationale: Disabling the Print Spooler (Spooler) service mitigates the PrintNightmare vulnerability (CVE-2021-34527) and other attacks against the service. Impact: Member Servers will not be able to act as a print server, sharing printers for clients. Applications on and users logged in to Member Servers will not be able to print, including printing to files (such as Adobe Portable Document Format (PDF)) which uses the Print Spooler service.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled: Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Print Spooler Default Value: Automatic