Windows 10 has a dangerous print spooler bug, and there is no fix
An unpatched vulnerability in the Windows Print Spooler exists that could be exploited by an attacker to run malicious software with elevated system privileges.
The issue affects Windows 7, Windows 8.x, Windows 10 as well as versions of Windows Server. It is being tracked as CVE-2020-1048 and CVE-2020-1337 and has a severity rating of "Important". Despite having been acknowledged by Microsoft back in May, a working patch is yet to be rolled out.
- Microsoft is making it possible to run Android apps in Windows 10
- Microsoft is looking into Windows 10 slow boot and performance problems after KB4559309 Edge update
- Using the HOSTS file to block Windows 10 telemetry? Microsoft now flags it as a severe security risk
The company did issue a fix for the CVE-2020-1048 vulnerability in May, but it was found to be easy to bypass. As a result, it is now being treated as a new vulnerability which is tracked as CVE-2020-1337. Microsoft is due to issue a fix next week on Patch Tuesday.
The company explains the issue on its security website:
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.
The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
Details of just how it was possible to bypass the fix are yet to be released for obvious reasons, but more information is expected when the patch is available.