17 July 21, 10:47
Quote:Microsoft has warned of yet another vulnerability that’s been discovered in its Windows Print Spooler that can allow attackers to elevate privilege to gain full user rights to a system. The advisory comes on the heels of patching two other remote code-execution (RCE) bugs found in the print service that collectively became known as PrintNightmare.
The company released the advisory late Thursday for the latest bug, a Windows Print Spooler elevation-of-privilege vulnerability tracked as CVE-2021-34481. Microsoft credited Dragos vulnerability researcher Jacob Baines for identifying the issue.
The vulnerability “exists when the Windows Print Spooler service improperly performs privileged file operations,” according to Microsoft.
Attackers who successfully exploit the bug can run arbitrary code with SYSTEM privileges, allowing them to install programs, view, change or delete data, or create new accounts with full user rights, the company said.
To work around the bug, administrators and users should stop and disable the Print Spooler service, Microsoft said.
Read more: Microsoft: New Unpatched Bug in Windows Print Spooler | Threatpost