202112 Aug

Windows 10: Microsoft just revealed another Print Spooler bug


SEE: Malware developers turn to exotic programming languages to thwart researchers "A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Admins have an option to disable Microsofts mitigation, but emphasized that it "will expose your environment to the publicly known vulnerabilities in the Windows Print Spooler service." The issues affecting the Print Spooler service have escalated over the summer as a result of researchers finding different avenues to attack the set of flaws. SEE: One third of cybersecurity workers have faced harassment at work or online - this initiative aims to stamp it out Will Dormann, a vulnerability analyst at the CERT/CC, pointed out the apparently incomplete fixes in the August 2021 Patch Tuesday updates.

Source: Zdnet