CVE-2021-34527

Name of the Vulnerable Software and Affected Versions Microsoft Windows Print Spooler (affected versions not specified)

Description The Windows Print Spooler service contains a flaw in how it handles file operations, potentially allowing a remote attacker to execute arbitrary code with SYSTEM privileges. This issue, also known as PrintNightmare, has been actively exploited. Reports indicate that attackers have leveraged this vulnerability to deploy ransomware within networks. The vulnerability is related to improper access control restrictions. While the initial exploitation may require some level of prior access, the vulnerability allows for significant system compromise. The vulnerability affects systems even after applying previous fixes, highlighting the need for continued vigilance. Tools have been developed to scan for vulnerable systems and to help mitigate the exploit, including scripts to restrict Point and Print and Remote Print functionality, and validation for User Account Control (UAC) being enabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.