Windows Print Spooler hit with local privilege escalation vulnerability
By Chris Duckett | July 16, 2021 -- 05:08 GMT (22:08 PDT) | Topic: Security
After a pair of PrintNightmare vulnerabilities, the last thing the Windows Print Spooler needed was a third vulnerability, and yet it exists.
"An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft said.
"Microsoft analysis has shown that exploit code could be created in such a way that an attacker could consistently exploit this vulnerability. Moreover, Microsoft is aware of past instances of this type of vulnerability being exploited. This would make it an attractive target for attackers, and therefore more likely that exploits could be created," Microsoft's exploitability index explained.
