Article 5M9N4 Disable the Windows print spooler to prevent hacks, Microsoft tells customers

Disable the Windows print spooler to prevent hacks, Microsoft tells customers

by
Dan Goodin
from Ars Technica - All content on (#5M9N4)
printer-800x534.jpeg

Enlarge (credit: Getty Images)

Microsoft hit yet another snag in its efforts to lock down the Windows print spooler, as the software maker warned customers on Thursday to disable the service to contain a new vulnerability that helps attackers execute malicious code on fully patched machines.

The vulnerability is the third printer-related flaw in Windows to come to light in the past five weeks. A patch Microsoft released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.

Bring your own printer driver

On Thursday, Microsoft warned of a new vulnerability in the Windows print spooler. The privilege-escalation flaw, tracked as CVE-2021-34481, allows hackers who already have the ability to run malicious code with limited system rights to elevate those rights. The elevation allows the code to access sensitive parts of Windows so malware can run each time a machine is rebooted.

Read 9 remaining paragraphs | Comments

index?i=kW3ACUi7Tno:jAxMkW_iPLI:V_sGLiPB index?i=kW3ACUi7Tno:jAxMkW_iPLI:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments