Razer Leviathan V2 gaming soundbar review
Guru3D NVMe Thermal Test - the heatsink vs. performance
EnGenius ECW220S 2x2 Cloud Access Point review
Alphacool Eisbaer Aurora HPE 360 LCS cooler review
Noctua NH-D12L CPU Cooler Review
Silicon Power XPOWER XS70 1TB NVMe SSD Review
Hyte Y60 chassis review
ASUS ROG Thor 1000W Platinum II (1000W PSU) review
ASUS ROG Rapture GT-AXE11000 WIFI6E router review
Backforce One Plus Gaming Chair review
Microsoft security advisory - new vulnerability in the Windows Print Spooler feature.
Microsoft has issued another security advisory regarding a new vulnerability in the Windows Print Spooler feature. An attacker can take advantage of this vulnerability to execute code with administrative privileges on a system. As a solution, the business recommends that you disable the Spooler feature on your computer.
When attempting to connect to a print server, the vulnerability is revealed. An.dll file can be copied to the client, which then opens a system level command prompt, from which code can be executed, using this print server. The vulnerability has been assigned the identification number CVE-2021-36958 and has been assigned a CVSS score of 6.8. An attacker who successfully exploits this vulnerability may be able to execute code with system privileges, according to the company's statement. "An attacker has the ability to install programs, edit data, and establish new accounts with full access rights to the system," says the author.
Microsoft is aware of the vulnerability but has not yet produced a patch to address it. According to the firm, a workaround is available, which suggests that the Print Spooler service be turned off entirely. Microsoft previously gave the same warning in preparation of patches for vulnerabilities known as PrintNightmare, which were identified in the Print Spooler service a few weeks ago and are being worked on by the company's security researchers.
Over the past few weeks, Microsoft uncovered numerous vulnerabilities in the Windows Print Spooler service, which were being actively exploited at the time of discovery. The first emergency patch, provided by Microsoft in early July, was intended to address a series of vulnerabilities in the Print Spooler functionality, which had been discovered. The system's security measures, however, were not sufficient to prevent a local privilege escalation. A second patch was later released, which altered the process by which printer drivers could be installed on Windows. System administrators will be the only ones who will be able to do this from now on.
Microsoft has halted the Windows 365 trial because of "extremely high demand." - 08/05/2021 09:32 AM
Microsoft officially launched Windows 365, a cloud-based PC service that provides businesses with a virtual Windows 10 desktop. The service was officially launched earlier this week....
Microsoft makes choice for a different default browser extra difficult in Windows 11 - 08/02/2021 06:21 PM
An old annoyance appears to have returned to Windows 11 in the form of being unable to quickly change the default browser....
System requirements for Microsoft Windows 11 remain unchanged - 07/27/2021 08:40 AM
Microsoft has reconfirmed that users with outdated systems will not be able to upgrade to the new Windows version due to security reasons, among other things....
Microsoft shows 11 new screenshots of Forza Horizon 5 - 07/27/2021 08:40 AM
11 new 4K screenshots of Forza Horizon 5 have been released by Microsoft and Playground Games, showing what to expect when the game launches in November....
Intel kinda confirms Microsoft Windows 11 release date - 07/20/2021 08:51 AM
Intel announced when Windows 11 is released in a driver release log. The Microsoft release date itself has not been specified yet, but the Intel paper indicates that the new operating system will be i...
warezme
Senior Member
Posts: 231
Joined: 2007-05-26
Senior Member
Posts: 231
Joined: 2007-05-26
#5938493 Posted on: 08/16/2021 05:37 PM
Thank you for basically misunderstanding what you've read but confirming it anyway.
The print server must already be exploited locally, via trojan or ignorant user believing a tech support scam to serve clients a malformed driver allowing access into the clients remotely.
Why even comment then?
In an enterprise environment the print spooler is used for everything from network printing, PDF's and even Adobe updates rely on the print spooler. Those are obviously going to be the targets not people like you. In this type of environment just turning off the print spooler is not an acceptable solution.
Thank you for basically misunderstanding what you've read but confirming it anyway.
The print server must already be exploited locally, via trojan or ignorant user believing a tech support scam to serve clients a malformed driver allowing access into the clients remotely.
Why even comment then?
In an enterprise environment the print spooler is used for everything from network printing, PDF's and even Adobe updates rely on the print spooler. Those are obviously going to be the targets not people like you. In this type of environment just turning off the print spooler is not an acceptable solution.
Astyanax
Senior Member
Posts: 13415
Joined: 2018-03-21
Senior Member
Posts: 13415
Joined: 2018-03-21
#5938501 Posted on: 08/16/2021 06:12 PM
if your print spooler is exploited, your IT is a moron.
Please Comprehend before responding.
The print server has to be actively exploited before this attack can be used.
In an enterprise environment the print spooler is used for everything from network printing, PDF's and even Adobe updates rely on the print spooler. Those are obviously going to be the targets not people like you. In this type of environment just turning off the print spooler is not an acceptable solution.
if your print spooler is exploited, your IT is a moron.
Please Comprehend before responding.
The print server has to be actively exploited before this attack can be used.
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 118
Joined: 2017-10-28
And yet, they want to release Windows 365? That's stupid. You might want to think twice about using it in a Chrome built browser.