CVE-2021-1678

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version

Description The issue is related to a security feature bypass vulnerability in the NTLM protocol implementation in Windows. This vulnerability can be exploited by a remote attacker to gain unauthorized access to protected information. A spoofing vulnerability allows attackers to affect the system. The vulnerability is related to the Windows Print Spooler service and can be exploited to bypass Point and Print (PnP) restrictions.

Recommendations For Windows versions prior to the fixed version, consider configuring the NTLMSSP protocol to set the clear-text NT password used to authenticate against the print server as a temporary workaround. Restrict access to the Print Spooler service to minimize the risk of exploitation. Avoid using the Print Spooler service over the network until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.