PT-2022-1661 · Microsoft · Windows Print Spooler+1

Edwardzpeng +4 · Published 2022-02-08 · Updated 2025-05-15 · CVE-2022-21999

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Windows Print Spooler versions prior to the fixed version

Description

The issue is related to errors in security settings, allowing an attacker to elevate their privileges. This can affect the system, potentially leading to further exploitation. The vulnerability has been exploited in real-world incidents, including ransomware attacks by groups such as LockBit 2.0. Industries affected include Telco, Retail, Financial, and Government, primarily in Cyprus and Russia.

Recommendations

For Windows Print Spooler, apply the official fix to resolve the issue. As a temporary workaround, consider restricting access to the Print Spooler service until the patch is applied. Avoid using vulnerable functions related to the Print Spooler until the issue is resolved.

Exploit

Fix

LPE

Improper Privilege Management

Path traversal

Link Following

Weakness Enumeration

Related Identifiers

BDU:2022-00911
CVE-2022-21999

Affected Products

Windows
Windows Print Spooler