Fear the PrintDemon? Upgrade Windows to patch easily exploited flaw
2020-05-14 09:57

Among the vulnerabilities Microsoft patched on May 2020 Patch Tuesday is CVE-2020-1048, a "lowly" privilege escalation vulnerability in the Windows Print Spooler service.

CVE-2020-1048, which affects Windows 7, 8.1, and 10 and Windows Server 2008, 2012, 2016, and 2019, arises from the Windows Print Spooler service improperly allowing arbitrary writing to the file system.

"An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft explained.

"Print Spooler continues to be one of the oldest Windows components that still hasn't gotten much scrutiny, even though it's largely unchanged since Windows NT 4," Shafir and Ionescu noted, but obviously that's changing.

The general advice is to apply the patch as soon as possible because, they claim, the flaw is easy to exploit with a single PowerShell command.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/fD7qDHDDBS0/

Related Vulnerability

DATE: 2020-05-21
CVE: CVE-2020-1048
VULNERABILITY TITLE: Incorrect Resource Transfer Between Spheres vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.
Tags: local, low complexity, microsoft, CWE-669
RISK: 7.2