You can use policies from ESET PROTECT to block malicious use of the Print Spooler service. With ESET’s Host-Based Intrusion Prevention System (HIPS), a user can block spoolsv.exe from writing new DLLs to the driver folder (a necessary element of remote exploitation of the PrintNightmare vulnerability).
Read more about PrintNightmare.
Create a new policy and follow the steps up to step 4. Select ESET Endpoint for Windows from the Select product ... drop-down menu.
Follow these steps starting from Step 3 to configure the policy.
When the new policy is created, before you proceed with assigning the policy, in the Rules row, click the drop-down menu next to Edit and change both settings to Prepend.
Create a new policy and follow the steps up to step 4. Select ESET Server Security for Windows Server (V6+) from the Select product ... drop-down menu.
Follow these steps starting from Step 3 to configure the policy.
When the new policy is created, before you proceed with assigning the policy, in the Rules row, click the drop-down menu next to Edit and change both settings to Prepend.
Go to Step 7 and assign the policy to the groups or separate client computers.
Create a new policy and follow the steps up to step 4. Select ESET Mail Security for Microsoft Exchange (V6+) from the Select product ... drop-down menu.
Follow these steps starting from Step 6 to configure the policy.
When the new policy is created, before you proceed with assigning the policy, in the Rules row, click the drop-down menu next to Edit and change both settings to Prepend.
Go to Step 7 and assign the policy to the groups or separate client computers.