Security News > 2021 > August > Microsoft fixes Print Spooler bugs with August Patch Tuesday rollout
The fix means that only administrators will be able to install print drivers on Windows PCs. Microsoft has finally patched the last in a series of security vulnerabilities in its Windows Print Spooler service that could have allowed attackers to remotely control an affected system and install malicious programs or create new accounts.
On Tuesday, the company pushed out its August Patch Tuesday lineup, which included a fix for the Print Spooler Remote Code Execution Vulnerability to address this specific issue.
This isn't the first time Microsoft has tried to squash persistent bugs related to the Windows Print Spooler service.
Though the latest patch hopefully fixes these Print Spooler vulnerabilities for good, there is one major downside.
"The TLDR is that Microsoft was finally tired of bugs like CVE-2021-3448 and moved to only allow administrators to install print drivers," Jerry Gamblin, Kenna Security director of security research, told TechRepublic.
Beyond the Print Spooler fixes, the updates in this month's Patch Tuesday address 51 different vulnerabilities, which Gamblin referred to as a "Quiet" month.
News URL
Related news
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- December 2024 Patch Tuesday forecast: The secure future initiative impact (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-08 | CVE-2021-3448 | A flaw was found in dnsmasq in versions before 2.85. | 4.0 |