Microsoft shares guidance on new Windows Print Spooler vulnerability

78

Microsoft is sharing reduction guidance on a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was divulged tonight.

Microsoft launched an advising Thursday evening for a new CVE-2021-34481 altitude of benefit vulnerability in the Windows Print Spooler that Dragos protection scientist Jacob Baines uncovered.

Unlike the just recently covered Print Nightmare vulnerability, this vulnerability can just be manipulated in your area to obtain raised benefits on a tool.

“The attack is not really related to PrintNightmare. As you know, PN can be executed remotely and this is a local only vulnerability,” Baines validated to BleepingComputer.

Not much is recognized right now concerning the vulnerability, including what variations of Windows are prone.

However, Baines did show BleepingComputer that it is printer driver-related.

Baines will certainly be sharing even more details concerning CVE-2021-34481 on August 7th throughout a DEF CON talk entitled “Bring Your Own Print Driver Vulnerability

Mitigation actions readily available

While Microsoft has actually not launched protection updates to resolve this problem, they have actually supplied reduction actions that admins can make use of to obstruct assaulters from manipulating the vulnerability.

At this moment, the readily available choice is to disable the Print Spooler solution on a susceptible gadget.

Option 1 – Disable the Print Spooler solution

If disabling the Print Spooler solution is suitable for your venture, make use of the adhering to PowerShell regulates:

Stop-Service -Name Spooler -Force

Set-Service -Name Spooler -StartupType Disabled

It is essential to keep in mind that if you disable the print spooler on a tool, the gadget will certainly no more print to a neighborhood or remote printer.