Microsoft Finds a Third Print Spooler Bug
Microsoft finds another bug in Windows print spooler
Microsoft is again urging its customers to disable Windows print spooler, warning of a new escalation-of-privilege vulnerability in all Windows versions, even those with the recent PrintNightmare patch. This is the third print spooler vulnerability to emerge in five weeks.
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker’s control and the ‘Queue-Specific Files’ feature.
Last month, a security researcher accidentally revealed a zero-day Windows print spooler vulnerability known as PrintNightmare that Microsoft tracks as CVE-2021-34527.
Exploiting this vulnerability lets a threat actor increase privileges on a machine or execute code remotely.