Microsoft warns of new vulnerability in Windows 10 printing system
Microsoft has again warned of a vulnerability in the Windows Print Spooler service. This time it is a privilege escalation flaw that allows attackers to execute code with system-level privileges.
Microsoft says it is working on a patch for the vulnerability, but has not yet indicated when it will be released. Nor has it said which versions of Windows 10 are vulnerable. In the meantime, only a workaround is available: stopping the Print Spooler service via a PowerShell command, which makes printing impossible.
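The workaround described above, as an added example that is not taken from the original article or from Microsoft's advisory: a PowerShell script that stops the Print Spooler, also disables it so it does not start again at reboot, and records the previous configuration so it can be restored once a patch is installed. The `-Revert` switch and the state-file path are assumptions of this example.

```powershell
#Requires -RunAsAdministrator
# Added example: apply or revert the Print Spooler workaround on the local machine.
# $StateFile is a hypothetical path chosen for this example.
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$Revert,
    [string]$StateFile = "$env:ProgramData\spooler-workaround-state.json"
)

$name = 'Spooler'
# Win32_Service exposes StartMode (Auto/Manual/Disabled) and State (Running/Stopped).
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
if (-not $svc) { throw "Service '$name' not found on this host." }

if ($Revert) {
    if (-not (Test-Path $StateFile)) { throw "No saved state at $StateFile; nothing to restore." }
    $saved = Get-Content $StateFile -Raw | ConvertFrom-Json
    # Map the WMI StartMode value back to a Set-Service startup type.
    $type = if ($saved.StartMode -eq 'Auto') { 'Automatic' } else { $saved.StartMode }
    if ($PSCmdlet.ShouldProcess($name, "Restore startup type $type")) {
        Set-Service -Name $name -StartupType $type
        if ($saved.State -eq 'Running') { Start-Service -Name $name }
        Remove-Item $StateFile
    }
}
else {
    # Save the original configuration once, so repeated runs do not overwrite it with "Disabled".
    if (-not (Test-Path $StateFile)) {
        $svc | Select-Object Name, StartMode, State | ConvertTo-Json | Set-Content $StateFile
    }
    if ($PSCmdlet.ShouldProcess($name, 'Stop and disable')) {
        Stop-Service -Name $name -Force
        Set-Service -Name $name -StartupType Disabled
    }
}

# Report the resulting state for the change record.
Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'" |
    Select-Object Name, StartMode, State
```

Running the script with `-WhatIf` shows the intended service changes without making them.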
The vulnerability has been designated CVE-2021-34481, with a CVSS score of 7.8. “An attacker who successfully exploited this vulnerability could execute arbitrary code with system privileges. The attacker could then install programs, view, modify, or delete data, or create new accounts with full user privileges. The attacker must have the ability to extract code on a victim system to exploit this vulnerability.”
It is the third print-related vulnerability in Windows to come to light in the past five weeks, according to Ars Technica. The security researcher who reported the vulnerability to Microsoft, Jacob Baines, tells Ars that he finds the situation striking. He reported the issue to Microsoft in June and gave an August 7 deadline for a resolution. According to him, it is customary for an advisory to be published at the moment of public disclosure or when a patch is released. It is not clear why this is happening now. “Maybe they’ve seen the details about the vulnerability elsewhere, but I haven’t.”