CVE-2024-21325

Name of the Vulnerable Software and Affected Versions Microsoft Printer Metadata Troubleshooter Tool versions prior to the January 5, 2024 update

Description The issue is related to insufficient input validation in the Microsoft Printer Metadata Troubleshooter Tool, which can allow an attacker to execute arbitrary code. There have been reports of this vulnerability being exploited, with a DLL hijacking vulnerability discovered in the tool. It is estimated that devices that downloaded the tool before January 5, 2024, may be affected.

Recommendations For versions prior to the January 5, 2024 update, delete the previous version of the Microsoft Printer Metadata Troubleshooter Tool if it was downloaded before January 5, 2024. If the tool was run before the update, no further action is required. As a temporary workaround, consider restricting the use of the tool until the updated version is installed.