Categories: Cyber Security News

New Unpatched Windows Print Spooler Bug Let Hackers Exploit The Elevation of Privilege

Microsoft issued a new security warning about the unpatched Windows Print Spooler Elevation of privilege vulnerability that allows attackers to execute an arbitrary code with the system privileges’.

“The print spooler service is a service that is running on each computer that participates in the Print Services system. The print spooler service implements the print client and print server roles, by enabling each participating system to act as a print client, administrative client, or print server for the Print Services system.”

The Vulnerability found existing in the Print Spooler service allows attackers to perform a local elevation of privilege.

Once the attackers successfully exploited this vulnerability, they could install the malicious programs, modify, change and delete the data, which also allows attackers to create new user accounts.

In order to exploit the vulnerability, an attacker needs to execute the code on a victim system, and it is a local privilege escalation vulnerability and tracked as CVE-2021-34481.

According to Microsoft report “An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. “

Mitigation:-

Microsoft published a work around for this vulnerability to secure the system from this vulnerability.

“We will update this CVE when we complete our investigation. If you wish to be notified when updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.” Microsoft said.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release

A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively…

15 hours ago

New Go-Based Malware Exploits Telegram and Use It as C2 Channel

Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram…

1 day ago

Beware of Fake BSOD Delivered by Malicious Python Script

A recently discovered Python script has been flagged as a potential cybersecurity threat due to…

1 day ago

Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly

A website launched by Elon Musk's Department of Government Efficiency (DOGE) has been found to…

2 days ago

Lazarus Group Infostealer Malwares Attacking Developers In New Campaign

The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked…

2 days ago

XELERA Ransomware Attacking Job Seekers With Weaponized Word Documents

Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity…

2 days ago