CVE-2021-34481

Name of the Vulnerable Software and Affected Versions Windows Print Spooler versions prior to the version with the security update released by Microsoft

Description The issue is related to insufficient access restrictions in the Windows Print Spooler service, allowing a remote attacker to execute arbitrary code with SYSTEM privileges by loading a malicious DLL library. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Windows Print Spooler versions prior to the version with the security update released by Microsoft: Install the security updates provided by Microsoft immediately to address this issue. Additionally, consider changing the Point and Print default behavior as described in KB5005652. As a temporary workaround, consider restricting access to the Windows Print Spooler service until the security update is applied.