Security News > 2021 > August > Microsoft confirms another Windows print spooler zero-day bug
Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer.
This vulnerability is part of a class of bugs known as 'PrintNightmare,' which abuses configuration settings for the Windows print spooler, print drivers, and the Windows Point and Print feature.
Today, Microsoft issued an advisory on a new Windows Print Spooler vulnerability tracked as CVE-2021-36958.
"A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," reads the CVE-2021-36958 advisory.
Microsoft has not yet released a security update for this flaw, but states you can remove the attack vector by disabling the Print Spooler.
This restriction can be done using the 'Package Point and print - Approved servers' group policy, preventing non-administrative users from installing print drivers using Point and Print unless the print server is on the approved list.
News URL
Related news
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (source)
- Microsoft rolls back decision to stop Windows 11 22H2 preview updates (source)
- Windows Kernel bug fixed last month exploited as zero-day since August (source)
- Microsoft: Windows 11 “invites” coming to more Windows 10 Pro PCs (source)
- Microsoft is killing off the Android apps in Windows 11 feature (source)
- Microsoft says Windows 10 21H2 support is ending in June (source)
- March 2024 Patch Tuesday: Microsoft fixes critical bugs in Windows Hyper-V (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Microsoft again bothers Chrome users with Bing popup ads in Windows (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-12 | CVE-2021-36958 | Unspecified vulnerability in Microsoft Windows <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. | 7.8 |