Microsoft warns again of a vulnerability in Windows print spooler-Services. This time Privilege escalation error Thus allowing an attacker to execute system-wide privileged code.
Microsoft says it is working to patch the vulnerability, but has not yet released an indication of when it will be released. There is also no indication of which versions of Windows 10 are at risk. Meanwhile there is only one The solution Available. This amounts to stopping the Print Spooler service via a PowerShell command. This makes printing impossible.
Weakness has a meaning CVE-2021-34481 With a score of 7.8. An attacker who successfully exploited this vulnerability could execute arbitrary code with system privileges. The attacker could then install programs, view, modify, delete data, or create new accounts with full user privileges. The attacker must have the ability to extract code from the victim’s system to exploit This vulnerability.”
This is the third Windows printing related vulnerability that has been revealed in the past five weeks. Ars Technica Lists قو. The security researcher who reported the vulnerability to Microsoft, Jacob Bennis, told Ars that he found the situation startling. He reported the matter to Microsoft in June and gave an August 7 deadline to come up with a solution. According to him, it is usual that the moment public disclosure Whether the patch release time is used as a trigger for a file Advisor for publication. It is not clear why this is happening at this time. “They may have seen the details about the vulnerability elsewhere, but I haven’t.”