Security News

Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. Since the incomplete fix, security researchers have been heavily scrutinizing the Windows printing APIs and have found further vulnerabilities affecting the Windows print spooler.

During Windows 11's June 2021 event, Microsoft confirmed that Android apps are coming to Windows 11 and users will be able to try mobile apps on the desktop operating system. Amazon has already confirmed that its Appstore will support Android App Bundles, the next-generation Android app standard format that will eventually replace the current APK format.

Microsoft released the first preview build of Windows 10 21H2 this week, but it is not being offered to everyone at this time. On Thursday, Microsoft released the first Windows 10 21H2 preview build.

Microsoft on Thursday shared fresh guidance on yet another vulnerability affecting the Windows Print Spooler service, stating that it's working to address it in an upcoming security update. "An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges," the Windows maker said in its advisory.

Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. "This Patch Tuesday comes just days after out-of-band updates were released to address PrintNightmare - the critical flaw in the Windows Print Spooler service that was found in all versions of Windows," Bharat Jogi, senior manager of vulnerability and threat research at Qualys, told The Hacker News.

Microsoft's problems with security defects in the Windows Print Spooler utility are getting worse by the week. After spending the last two months pushing out multiple Print Spooler fixes, Redmond's security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks.

Microsoft has shared guidance revealing yet another vulnerability connected to its Windows Print Spooler service, saying it is "Developing a security update." The latest Print Spooler service vuln has been assigned CVE-2021-34481, and can be exploited to elevate privilege to SYSTEM level via file operations.

A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said. The spyware exploits two elevation-of-privilege security vulnerabilities in Windows, CVE-2021-31979 and CVE-2021-33771, both of which were addressed in Microsoft's July Patch Tuesday update this week.

Microsoft will continue to release Windows 10 feature updates, such as Windows 10 21H2, through October 2025 to allow businesses and consumers time to switch to Windows 11. As most of the development for new features is going into Windows 11, Microsoft will be releasing limited features for Windows 10 going forward.

Microsoft has warned of yet another vulnerability that's been discovered in its Windows Print Spooler that can allow attackers to elevate privilege to gain full user rights to a system. The company released the advisory late Thursday for the latest bug, a Windows Print Spooler elevation-of-privilege vulnerability tracked as CVE-2021-34481.