Security News > 2021 > August > Microsoft confirms another Windows print spooler zero-day bug

Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer.

This vulnerability is part of a class of bugs known as 'PrintNightmare,' which abuses configuration settings for the Windows print spooler, print drivers, and the Windows Point and Print feature.

Today, Microsoft issued an advisory on a new Windows Print Spooler vulnerability tracked as CVE-2021-36958.

"A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," reads the CVE-2021-36958 advisory.

Microsoft has not yet released a security update for this flaw, but states you can remove the attack vector by disabling the Print Spooler.

This restriction can be done using the 'Package Point and print - Approved servers' group policy, preventing non-administrative users from installing print drivers using Point and Print unless the print server is on the approved list.

News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-another-windows-print-spooler-zero-day-bug/