...

The Truesec blog reported a workaround for the vulnerability that creates an explicit deny permission for SYSTEM on the spool folder. Applied on its own, this will break Tricerat ScrewDrivers printing on VDI, terminal servers, or print servers. To use this permission setting with Tricerat, modify the permissions on the following files specifically so that SYSTEM has full control.

v7:

C:\Windows\System32\spool\drivers\x64\3\ScrewDriversDrv.dll
C:\Windows\System32\spool\drivers\x64\3\ScrewDriversUI.dll

v6:

C:\Windows\System32\spool\drivers\x64\3\sd6drv.dll
C:\Windows\System32\spool\drivers\x64\3\sd6ui.dll
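
One way to apply and verify this from an elevated PowerShell prompt, as an added example (not Tricerat's or Truesec's own script). It assumes the driver files are at the paths listed above and uses the built-in `icacls` tool; files for a version that is not installed are skipped.

```powershell
# Added example: give SYSTEM an explicit Allow/Full control ACE on the
# ScrewDrivers driver files, then confirm the ACE is present.
# An explicit ACE on a file is evaluated before ACEs inherited from its folder.
$driverDir = 'C:\Windows\System32\spool\drivers\x64\3'
$files = @(
    'ScrewDriversDrv.dll', 'ScrewDriversUI.dll',   # v7
    'sd6drv.dll', 'sd6ui.dll'                      # v6
)

# S-1-5-18 is the well-known SID for NT AUTHORITY\SYSTEM (locale-independent).
$systemSid = 'S-1-5-18'
$full = [System.Security.AccessControl.FileSystemRights]::FullControl

foreach ($name in $files) {
    $path = Join-Path $driverDir $name
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        Write-Host "skip (not present): $path"
        continue
    }

    # icacls accepts a SID when it is prefixed with '*'; (F) = full control.
    icacls $path /grant "*${systemSid}:(F)" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "icacls failed ($LASTEXITCODE): $path"
        continue
    }

    # Verify: a non-inherited Allow ACE for SYSTEM that covers FullControl.
    $ace = (Get-Acl -LiteralPath $path).Access | Where-Object {
        -not $_.IsInherited -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $full) -eq $full -and
        $_.IdentityReference.Translate(
            [System.Security.Principal.SecurityIdentifier]).Value -eq $systemSid
    }
    if ($ace) { Write-Host "ok: $path" }
    else      { Write-Warning "SYSTEM full-control ACE missing: $path" }
}
```

Re-run the script after a ScrewDrivers upgrade or reinstall, since replaced driver files may not carry the explicit ACE.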

Disable the Print Spooler

...