Microsoft has found a new vulnerability in the Windows Print Spooler service. The vulnerability is classified as dangerous, but unlike the “PrintNightmare” vulnerability, it cannot be exploited remotely to steal data.
The vulnerability is tracked as CVE-2021-34481. It allows data to be smuggled into the Windows Print Spooler service in order to then carry out further actions on the system with elevated rights. However, to carry out a successful attack, the attacker must be logged into the system locally, which makes exploitation of this vulnerability considerably more difficult.
There are no known cases of attacks using this vulnerability to date, and Microsoft is working on a fix. As with the “PrintNightmare” patch, we might get an unscheduled security update in the future.
Currently, there is only one way to mitigate this vulnerability: deactivating the Print Spooler service. However, this solution is impractical for users who use their devices for office work.
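The workaround described above, as an added PowerShell example that is not part of the original article or of Microsoft's advisory text. The function name Set-SpoolerMitigation and its output fields are assumptions made for illustration; "Spooler" is the Windows service name of the Print Spooler.

```powershell
# Added example: audit and optionally disable the Print Spooler service.
# Set-SpoolerMitigation and its output fields are hypothetical names.
function Set-SpoolerMitigation {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Without -Disable the function only reports the current state.
        [switch]$Disable
    )

    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"
    if (-not $svc) {
        Write-Warning 'Spooler service not found on this host.'
        return
    }

    if ($Disable -and $PSCmdlet.ShouldProcess('Spooler', 'Stop and disable service')) {
        # Stop the running service first, then keep it from starting at boot.
        if ($svc.State -eq 'Running') {
            Stop-Service -Name Spooler -Force -ErrorAction Stop
        }
        Set-Service -Name Spooler -StartupType Disabled -ErrorAction Stop
        # Re-read so the report reflects the state after the change.
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='Spooler'"
    }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        State        = $svc.State        # Running / Stopped
        StartMode    = $svc.StartMode    # Auto / Manual / Disabled
        Mitigated    = ($svc.State -eq 'Stopped' -and $svc.StartMode -eq 'Disabled')
    }
}

# Report only:
Set-SpoolerMitigation

# Apply the workaround from an elevated prompt (add -WhatIf to preview):
# Set-SpoolerMitigation -Disable

# Restore printing once a patch is installed:
# Set-Service -Name Spooler -StartupType Automatic; Start-Service -Name Spooler
```

While the service is disabled, the machine can neither print locally nor act as a print server, which is the practical cost noted above.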