A new Windows Print Spooler vulnerability has been detected
Windows Print Spooler, PrintNightmare, and all the associated printer headaches comprise the story that just won’t go away. It all started when researchers exposed an exploit, thinking it’d already been patched by Microsoft (spoiler: It hadn’t been). Microsoft then released an emergency patch to deal with it, though that patch was easily undermined and had the unintended side effect of causing some printers to not work.
Then, as the mess grew ever messier, the Cybersecurity and Infrastructure Security Agency (CISA) sent out warnings and guidance to all Federal Civilian Executive Branch agencies, signaling that the issue was serious enough to warrant U.S. government attention. And now, there’s a new Windows Print Spooler vulnerability making the rounds, formally designated as CVE-2021-34481 (via BleepingComputer).
Here’s Microsoft’s executive summary of CVE-2021-34481:
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have the ability to execute code on a victim system to exploit this vulnerability. The workaround for this vulnerability is stopping and disabling the Print Spooler service.
Dragos security researcher Jacob Baines told BleepingComputer that because this is a local vulnerability, it’s not directly related to PrintNightmare. With that said, it’s certainly related to the trail of headaches left by PrintNightmare for Windows Print Spooler and serves as the cherry on top of a vulnerability-riddled sundae.
We may earn a commission for purchases using our links. Learn more.
Windows 10 is getting a 21H2 release this fall too, here’s what to expect
Microsoft has announced that the next Windows 10 feature update, known as “version 21H2” will ship later this year and include a handful of new changes and enhancements, most of which are aimed at enterprise and business customers. Just like version 21H1 and 20H2 before it, version 21H2 will be delivered via a cumulative update which is much smaller and quicker to install.