Microsoft confirms its Windows' HP Smart auto-install bugfix is vulnerable to code execution

An image with a colorful Windows 11 logo and dimmed background

Towards the end of last month, users online started complaining about how their system was automatically installing HP's Smart app for printers, even when there was no printer on their PC. As the issue was fairly widespread, soon after Microsoft acknowledged it too, confirming that almost all versions of Windows were affected.

Since it is HP's app that was being installed, the initial impression from many people would likely be that somehow the company may be responsible for this bug. However, after further investigation, Microsoft confirmed that such was not the case and the problem was not due to any update on HP's end.

A week and a half later, Microsoft issued a fix for the problem in the form of a tool that would resolve the metadata issues that were apparently behind the problem. Microsoft stated that running the utility would restore the correct printer metadata (names, icons, and more), remove the incorrect HP LaserJet M101-M106 printer, and uninstall the HP Smart app (if incorrect metadata is present).

Microsoft explains in its words the purpose of the tool:

This tool is intended to help users and administrators address the known issue: Printer names and icons might be changed and HP Smart app automatically installs(See Related Links for more information on this issue)

This tool will review your printer information. It will restore any previously downloaded model information and icons and will remove “HP LaserJet M101-M106” model information, icons, and application associations from printers that do not match this name and model.

This tool will uninstall the HP Smart application if incorrect metadata was found, there are no HP printers or HP printer drivers installed, and the application was installed after Nov 25th, 2023.

An updated version of the tool has now been quietly uploaded by Microsoft. You can download the updated version of the troubleshooter from the Microsoft Download Center:

x86 systems: PrintMetadataTroubleshooterX86.exe
x64 systems: PrintMetadataTroubleshooterX64.exe
ARM32 systems: PrintMetadataTroubleshooterArm32.exe
ARM64 systems: PrintMetadataTroubleshooterArm64.exe

In the next part, Microsoft explains how the tool works. Users who run this troubleshooter tool will need to do it using an elevated Command Prompt:

How to use this tool

When it is run by enterprise administrators, correcting printers for all users and sessions on a system requires running the tool as the Local System account. Tools such as PsExec or Windows Task Scheduler can run commands as Local System.

When it is run by users managing their own printers, this tool must be run using administrative credentials. The following are recommended steps to execute the file and confirm it worked:

Click Start, type cmd, right-click Command Prompt, and then select Run as Administrator.

In the opened command prompt, type cd /d “[path_to_downloaded_tool]” and then press Enter.

Type the name of the file appropriate for your device from the list below (for instance PrintMetadataTroubleshooterX86.exe) and then press Enter.

The tool will return the message Troubleshooter completed successfully on devices where incorrect printer information was found/fixed. Or, it will return the message Troubleshooter not applicable since metadata package not found on devices that are not affected.

You may find more details on the official support page under KB5034510.

Update: A couple of days ago, we published this story as Microsoft had updated its Printer Metadata Troubleshooter Tool. The update was published on January 5, 2024.

However, the changelog indicating what changed was not put up until later (January 9), when the company pushed its first Windows 10 and 11 Patch Tuesday updates of 2024 under KB5034122 and KB5034123 respectively.

According to Microsoft, the tool was updated to address a remote code execution (RCE) vulnerability that has been tracked under ID "CVE-2024-21325." The full changelog is given below: