Microsoft offers workaround, but no fix, for yet another Windows print spooler security vulnerability

13 Comments
Square Microsoft store logo

Just as there has been a spate of hugely problematic updates for Windows 10 over the last year, in recent weeks there has been a seemingly endless stream of security flaws relating to the Windows print spooler. Now Microsoft has acknowledged another zero-day vulnerability.

There is currently no fix available for the security bug, a Remote Code Execution vulnerability which is being tracked as CVE-2021-36958. However, Microsoft has offered up a (less than ideal) workaround for this latest vulnerability from the PrintNightmare family.

See also:

Security researcher Benjamin Delpy recently shared a Proof of Concept on Twitter, and Microsoft has confirmed that CVE-2021-36958 relates to this. The security vulnerability has a CVSS score of 7.3, and there is some confusion about why it has been classed as remote code execution flaw when local access is required to exploit it.

Microsoft says of the flaw:

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

As has been the case with previous related bugs, there is a workaround, but it is one that is less than ideal for many people -- stopping and disabling the Print Spooler service.

Microsoft shares details of the steps people need to take:

Determine if the Print Spooler service is running

Run the following in Windows PowerShell:

Get-Service -Name Spooler

If the Print Spooler is running or if the service is not disabled, follow these steps:

Stop and disable the Print Spooler service

If stopping and disabling the Print Spooler service is appropriate for your environment, run the following in Windows PowerShell:

Stop-Service -Name Spooler -Force

Set-Service -Name Spooler -StartupType Disabled

Impact of workaround Stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

Image credit: Sundry Photography / Shutterstock

13 Comments

13 Responses to Microsoft offers workaround, but no fix, for yet another Windows print spooler security vulnerability

Got News? Contact Us

Recent Headlines

The psychological impact of phishing attacks on your employees

Canonical releases Ubuntu Linux 24.04 LTS 'Noble Numbat'

New tool lets enterprises build their own secure gen AI chatbots

Younger women are going into cybersecurity but more needs to be done

Politically motivated DDoS attacks on the rise

TCL 50 XL 5G Android smartphone hits Metro by T-Mobile: Big features, small price

The increasing sophistication of synthetic identity fraud

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

22 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

18 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.