Microsoft Suggests Disabling Windows Print Spooler After New Bug Discovered

Microsoft is investigating a brand new vulnerability within the Windows print spooler service and is recommending that IT execs disable it, if attainable, as an interim measure, though doing so eliminates the flexibility to print.

IT execs could already be on excessive alert as Microsoft has beforehand launched two patches for “Critical”-rated Windows print spooler safety points. This new vulnerability is an elevation-of-privilege vulnerability in Windows print spooler and is described in Microsoft’s CVE-2021-34481 security bulletin.

The new vulnerability has been publicly disclosed, nevertheless it hasn’t but been exploited, per the CVE-2021-34481 safety bulletin’s description.

No Patch Available Yet
CVE-2021-34481 is at the moment below investigation by Microsoft and there is not any patch out there. There’s solely a short lived “workaround” resolution of disabling the Windows print spooler service.

The vulnerability seems to be a foul one, with a Common Vulnerability Scoring System rating of seven.8 out of 10. Here’s how the safety bulletin described it:

An attacker who efficiently exploited this vulnerability may run arbitrary code with SYSTEM privileges. An attacker may then set up packages; view, change, or delete information; or create new accounts with full person rights.

Security options agency Sophos famous the CVE-2021-34481 vulnerability in this commentary. It defined why an elevation-of-privilege software program flaw is not as unhealthy as a distant code execution software program flaw, regardless that each are fairly unhealthy.

The CVE-2021-34481 safety bulletin indicated that Microsoft is engaged on a patch, however prompt that its launch could happen in response to Microsoft’s regular “month-to-month Update Tuesday cadence.” Update Tuesdays fall on the second Tuesdays of every month, so a patch probably could arrive on Aug. 10, however Microsoft did not specify timing.

Not PrintNightmare
Security researchers could also be having flashbacks to the Windows print spooler vulnerabilities dubbed “PrintNightmare,” though CVE-2021-34481 is claimed to be totally different from PrintNightmare.

Microsoft credited Jacob Baines, a software program reverse engineer, for uncovering CVE-2021-34481. However, Baines indicated in a Twitter post that he did not do coordinated disclosure with Microsoft and was shocked by the point out. He stated that he does not contemplate CVE-2021-34481 to be a PrintNightmare variant and is planning to speak about it at DEF CON, a safety occasion. The subsequent DEF CON occasion is scheduled for August.

The Windows print spooler currently has been a punching bag for safety researchers. Microsoft initially issued a patch for an “Important”-rated Windows print spooler vulnerability (CVE-2021-1675) on June 8, as a part of its common replace Tuesday safety patch bundle. Weeks later, it later upgraded the severity of CVE-2021-1675 to a Critical-rated distant code execution vulnerability.

On July 6, Microsoft launched an “out-of-band” (unscheduled) patch for a Windows print spooler distant code execution vulnerability (CVE-2021-34527). This vulnerability additionally may allow an attacker to run code with system privileges. Security researchers had stated, although, that Microsoft’s patch did not repair a neighborhood privilege escalation state of affairs.

On July 8, the Microsoft Security Response Center group responded to such claims and declared that CVE-2021-34527 was “effective.” Some folks simply had set their Registry settings incorrect, the group prompt.

The July 15 disclosure of the CVE-2021-34481 Windows print spooler vulnerability elicited commentary from Kevin Beaumont, a safety researcher and former Microsoft worker. Regarding the Windows print spooler points, Beaumont said that Microsoft had “VPs tweeting out statements saying it was mounted, once they knew it wasn’t,” in response to this Twitter post thread.

Microsoft appears to have solely given public discover of the brand new CVE-2021-34481 vulnerability to date through this July 15 Microsoft Security Response Center Twitter post. Beaumont had alluded to a “new MSRC piece” on the subject, nevertheless it wasn’t out there at press time.

About the Author

Kurt Mackie is senior information producer for 1105 Media’s Converge360 group.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Microsoft Suggests Disabling Windows Print Spooler After New Bug Discovered

Related Posts

This quant hedge fund has a thing for ex-JPMorgan VPs in Hong Kong

Protis Global Appoints VPs of Business Development

10 Best VPS Hosting Forex Brokers (☑Updated 2024*)

Meta Business VPs Leave Ahead of Thousands More Layoffs

VPS Convenience Store Group (Village Pantry)

New VPs of News Named for NBC4 and Telemundo 52 in L.A.