22nd November 2024

Driverless Printing with Windows Protected Print Mode (WPP)

What is WPP

Backtrack to 2021, when, in response to the PrintNightmare vulnerability, Microsoft hardened the print spooler service in Windows so that only administrators would be able to install third-party print drivers. Whilst this helped close the vulnerability in Windows, it caused, and continues to cause, much disruption, and careful planning is now required when changing printer manufacturers or deploying driver updates.

WPP is the next stage of hardening the print spooler and will see Microsoft entirely prevent third-party print drivers from being installed, relying instead on IPP (Internet Printing Protocol) printing.

WPP became available in October 2024 but won’t be enforced until 2027.

We also believe that this will apply to more than just Windows, as Apple and Linux work on their own implementations of driverless (or isolated) printing for the CUPS printing system.

Proceed with Caution

Windows 11 version 24H2 currently supports WPP. Whilst it’s not enabled by default, once enabled, any existing print queues and associated drivers will be permanently deleted.

This could prevent users from printing or TWAIN scanning, so careful planning and prior testing should be carried out before making the decision to enable it.

We would recommend first checking that your company’s print devices support IPP (Mopria), and then using a VM or spare workstation to test all of them with WPP enabled by an administrator in Printers & Scanners.

Initial testing of IPP printing has shown that a number of printers function with reduced speed, lower quality or not at all, and so there is progress to be made before WPP is suitable for all.

You’ll want to ensure that you are able to use all required finishing options, such as copies, colour, duplex and stapling. You should also monitor the speed and reliability of printing.
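The device check described above can be scripted. This is an added example, not code from the original article or from Microsoft: it builds an IPP Get-Printer-Attributes request and reads the reply for IPP version, document formats, Mopria certification and finishing options. The pass criteria in `assess` and the sample response are assumptions constructed for illustration.

```python
import struct
WANTED = ["ipp-versions-supported", "document-format-supported", "mopria-certified",
          "sides-supported", "print-color-mode-supported", "finishings-supported"]

def _attr(tag, name, value):  # tag, name length, name, value length, value
    n, v = name.encode(), value if isinstance(value, bytes) else value.encode()
    return struct.pack(">BH", tag, len(n)) + n + struct.pack(">H", len(v)) + v

def build_request(printer_uri, request_id=1):
    """IPP/2.0 Get-Printer-Attributes (operation 0x000B) request body."""
    body = struct.pack(">BBHIB", 2, 0, 0x000B, request_id, 0x01)  # 0x01: operation group
    body += _attr(0x47, "attributes-charset", "utf-8")
    body += _attr(0x48, "attributes-natural-language", "en")
    body += _attr(0x45, "printer-uri", printer_uri)
    for i, kw in enumerate(WANTED):  # later values of a set carry an empty name
        body += _attr(0x44, "" if i else "requested-attributes", kw)
    return body + b"\x03"  # end-of-attributes tag

def parse_response(data):
    """Return (status, {name: [values]}); integers and enums decoded, rest as text."""
    status, attrs, pos, name = int.from_bytes(data[2:4], "big"), {}, 8, None
    while pos < len(data) and data[pos] != 0x03:
        tag, pos = data[pos], pos + 1
        if tag >= 0x10:  # tags below 0x10 only open a new attribute group
            nlen = int.from_bytes(data[pos:pos + 2], "big")
            name = data[pos + 2:pos + 2 + nlen].decode() if nlen else name
            pos += 2 + nlen
            vlen = int.from_bytes(data[pos:pos + 2], "big")
            raw, pos = data[pos + 2:pos + 2 + vlen], pos + 2 + vlen
            val = int.from_bytes(raw, "big", signed=True) if tag in (0x21, 0x23) else raw.decode(errors="replace")
            attrs.setdefault(name, []).append(val)
    return status, attrs

def assess(attrs):
    """Readiness flags; the pass criteria are this example's assumptions."""
    fmts = set(attrs.get("document-format-supported", []))
    return {
        "ipp_2x": any(v.startswith("2.") for v in attrs.get("ipp-versions-supported", [])),
        "raster_or_pdf": bool(fmts & {"image/pwg-raster", "application/PCLm", "application/pdf"}),
        "mopria": attrs.get("mopria-certified", [None])[0],
        "duplex": any(s.startswith("two-sided") for s in attrs.get("sides-supported", [])),
        "colour": "color" in attrs.get("print-color-mode-supported", []),
        "staple": 4 in attrs.get("finishings-supported", []),  # finishings enum 4 = staple
    }

# Constructed sample response (not from a real device): IPP 2.0, PWG raster, no stapler.
SAMPLE = (b"\x02\x00\x00\x00\x00\x00\x00\x01\x04" + _attr(0x44, "ipp-versions-supported", "2.0")
          + _attr(0x49, "document-format-supported", "image/pwg-raster")
          + _attr(0x23, "finishings-supported", b"\x00\x00\x00\x03") + b"\x03")
```

To query a device, POST the bytes from `build_request` to its IPP endpoint over HTTP (port 631, `Content-Type: application/ipp`) and pass the reply body to `parse_response`, then `assess`.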

Once testing is complete and you are happy your print devices are compatible, you might want to consider deploying WPP to all computers via Intune, Group Policy or registry key changes.

How Fleet MPS can help

Whilst adjusting to change can be worrying, we ultimately view WPP as a good development. Print drivers have always been a headache for I.T., and whilst we’ve worked hard to provide universal print drivers (a single driver for a whole fleet) and ensure proper deployment and update practices are followed, there can always be issues with deployment and even corruptions. Furthermore, they just don’t fit well in today’s Zero Trust world.

We feel sure that our printer manufacturing partners will be releasing firmware updates for printers that don’t support or are found to work unreliably with IPP, and our solutions partners are already working on implementing WPP-supported Follow You Print, as well as compatibility for legacy (non-WPP) printers.

So, at Fleet MPS we’re committed to staying up to date with the latest developments and working with our partners to ensure the smoothest possible switch to WPP for our clients, to whom we’ll be proposing and implementing compatible hardware and software solutions.

The long-term benefits will be simpler deployment of printers and a more secure printing system for all.