Microsoft is again warning of a vulnerability in the Windows Print Spooler service. This time it is a privilege escalation flaw that allows attackers to execute code with system-level privileges.
Microsoft says it is working on a patch for the vulnerability, but has not yet indicated when it will be released. There is also no indication of which versions of Windows 10 are vulnerable. In the meantime only one workaround is available: stopping the Print Spooler service via a PowerShell command. This makes it impossible to print.
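The workaround described above, as an added PowerShell example (not code from Microsoft or from the original article). The function names are hypothetical; `Spooler` is the Print Spooler's service name. Disabling the startup type so the service stays stopped after a reboot, and `Automatic` as the startup type to restore, are assumptions added here.

```powershell
#Requires -RunAsAdministrator
# Added example: stop the Print Spooler, keep it from restarting at boot,
# and report whether the mitigation is actually in effect.

function Disable-PrintSpooler {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string]$ServiceName = 'Spooler')

    $svc = Get-Service -Name $ServiceName -ErrorAction Stop
    # Capture the current state now so the report shows what was changed.
    $statusBefore  = $svc.Status
    $startupBefore = $svc.StartType

    if ($PSCmdlet.ShouldProcess($ServiceName, 'Stop service and disable startup')) {
        if ($statusBefore -ne 'Stopped') {
            # -Force also stops services that depend on the spooler.
            Stop-Service -Name $ServiceName -Force -ErrorAction Stop
        }
        # Assumption: a stopped service with automatic startup comes back
        # at the next boot, so startup is disabled as well.
        Set-Service -Name $ServiceName -StartupType Disabled -ErrorAction Stop
    }

    $after = Get-Service -Name $ServiceName
    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        Service       = $ServiceName
        StatusBefore  = $statusBefore
        StartupBefore = $startupBefore
        StatusAfter   = $after.Status
        StartupAfter  = $after.StartType
        Mitigated     = ($after.Status -eq 'Stopped' -and $after.StartType -eq 'Disabled')
    }
}

function Restore-PrintSpooler {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$ServiceName = 'Spooler',
        # Assumption: pass the StartupBefore value recorded earlier if it differed.
        [string]$StartupType = 'Automatic'
    )
    if ($PSCmdlet.ShouldProcess($ServiceName, 'Re-enable and start service')) {
        Set-Service -Name $ServiceName -StartupType $StartupType -ErrorAction Stop
        Start-Service -Name $ServiceName -ErrorAction Stop
    }
    Get-Service -Name $ServiceName
}
```

Running `Disable-PrintSpooler -WhatIf` shows the current state without changing anything; `Restore-PrintSpooler` is for after a patch has been installed.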
The vulnerability has been designated CVE-2021-34481, with a CVSS score of 7.8. “An attacker who successfully exploited this vulnerability could execute arbitrary code with system privileges. The attacker could then install programs, view, modify, or delete data, or create new accounts with full user privileges. The attacker must have the ability to extract code on a victim system to exploit this vulnerability.”
It is the third print-related vulnerability in Windows to come to light in the past five weeks, Ars Technica notes. The security researcher who reported the vulnerability to Microsoft, Jacob Baines, tells Ars that he finds the situation striking. He reported the matter to Microsoft in June and gave an August 7 deadline to come up with a resolution. According to him, it is customary for either the moment of public disclosure or the time of patch release to be the trigger for publishing an advisory. It is not clear why this is happening now. “Maybe they’ve seen the details about the vulnerability elsewhere, but I haven’t.”