PT-2020-3937 · Microsoft · Windows Print Spooler+1

Published: 2020-08-09 · Updated: 2023-12-31 · CVE-2020-1030

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler (affected versions not specified)
Description: The issue is related to inadequate access control in the Windows Print Spooler service, allowing an attacker to elevate their privileges by running a specially crafted application. This could enable the attacker to run arbitrary code with elevated system privileges, install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to log on to an affected system and run a specially crafted script or application.
Recommendations: To resolve the issue, apply the update that corrects how the Windows Print Spooler Component writes to the file system. As a temporary workaround, consider restricting access to the Windows Print Spooler service until the update is applied. Avoid running specially crafted scripts or applications on affected systems until the issue is resolved.

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2020-04330
CVE-2020-1030

Affected Products

Windows
Windows Print Spooler