Microsoft shared new instructions about another vulnerability in Windows Print Spooler, saying it is working to fix it in a future security update.
Identified as CVE-2021-34481 (CVSS score: 8.6), the problem is related to local state enhancement errors that can be misused to perform unauthorized functions on the system. The agency forwarded the report to security investigator Jacob Bains to detect and report the error.
Stack overflow teams
“A privilege vulnerability exists when Windows Print Spooler conveniently performs file operations correctly. An attacker who successfully exploited this vulnerability could voluntarily submit code with SYSTEM privileges,” the Windows developer suggested. “An attacker could then install programs, view, modify, or delete data, or create new accounts with full access.”
Microsoft However, it is worth mentioning that in order to successfully exploit vulnerabilities, an attacker must have the ability to execute code on the victim system. In other words, this vulnerability can only be exploited locally to improve the comfort of any device.
As a workplace, Microsoft urges users to turn off and turn off the Print Spooler service to prevent malicious users from exploiting the vulnerability.
The development comes a few days after an agency in Redmond distributed patches to fix critical deficiencies in the same component, revealing that wild attacks were actively used.
Corporate password management
Duplicate Printing Nightmare (CVE-2021-34527), a vulnerability caused by a lack of license verification in print training that allows malicious printer drivers to be installed to improve remote code execution or local services on a malicious system.
However, it has since been pointed out that out-of-band security updates can be completely bypassed under certain circumstances, both to improve local interests and to execute code remotely. Microsoft has since said the changes “work as intended and are effectively referred to as the use of printer spoolers and other public reports known as printnitmeyer.”
Did you find this article interesting? Follow THN on Facebook, Twitter Lin and LinkedIn to read more of the exclusive content we submit.