sSince the beginning of July 2021, the rarely discussed print queue in Windows has suddenly become on everyone’s lips. Due to a newly discovered security flaw in this software component, it has threatened a hostile takeover of the PC. Unfortunately, all relevant versions of Windows are affected today and billions of computers are potentially at risk. The situation was made worse by an unfortunate incident between two young researchers who, due to a misunderstanding, also published a sample code to exploit the vulnerability. Microsoft then released a patch that was initially incorrectly said to not solve the problem. In keeping with this long string of unfortunate coincidences, the security hole has been named PrintNightmare. but that is not all? Now another security hole has appeared in the same program.
New security vulnerability in Windows print spooler
under the file number CVE-2021-34481 Microsoft has indexed a newly discovered vulnerability in the Windows print queue. It says there that the vulnerability allows data to be smuggled into the Windows print spooler service in order to perform more actions in the system with admin rights. The attacker must be locally registered to exploit this vulnerability? Just like with PrintNightmare. Also in this case, it only helps to deactivate the Windows Print Spooler service until the patch bridges the gap that Microsoft is already working on. The only noticeable differences with PrintNightmare: No attempt has been made to exploit the new security hole and it is not yet clear if all relevant versions of Windows are affected again.