Security News > 2021 > July > Microsoft Confirms 'PrintNightmare' is New Windows Security Flaw

Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks.
Microsoft's confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines.
"A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," according to Redmond's advisory.
Microsoft made it clear this new vulnerability is similar but distinct from the vulnerability the CVE-2021-1675 flaw that addressed a different vulnerability in RpcAddPrinterDriverEx().
The U.S. government's CISA cybersecurity agency is urging Windows fleet admins to disable the Windows Print spooler service in Domain Controllers and systems that do not print.
Print Spooler, which is turned on by default on Microsoft Windows, is an executable file that's responsible for managing all print jobs getting sent to the computer printer or print server.
News URL
Related news
- Microsoft shares workaround for Windows security update issues (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
- Microsoft tests ad-supported Office apps for Windows users (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-08 | CVE-2021-1675 | Unspecified vulnerability in Microsoft products Windows Print Spooler Remote Code Execution Vulnerability | 0.0 |