Microsoft security advisory - new vulnerability in the Windows Print Spooler feature.
Click here to post a comment for Microsoft security advisory - new vulnerability in the Windows Print Spooler feature. on our message forum
Reddoguk
I always do disable printer spooler because i never use a printer so it's a useless use of resources. All those processes for printing should be able to be removed from the install of a fresh copy of Windows.
Astyanax
still requires an exploited system to pull off.
Excalibur1814
Reardan
Astyanax
Reardan
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36958
Where do you see that it requires physical access, or a trojan? And it doesn't have to be a compromised print server on the network, it can just be a public facing print server you control.
I did get my print nightmares mixed up otherwise. This is only local escalation, not domain like before. Aside from that though idk where you got your information.
Mineria
Reardan
It literally says "remotely or via user interaction." It does not say physical access is required. Physical access means you need solder, or remove, or short, or do something physical to the machine that you can ONLY do when there...It doesn't mean manipulate the keyboard guys come on what is this?
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17099
This is an example of an attack requiring PHYSICAL ACCESS you can see because the Vector says PHYSICAL. Local and physical are different.
tsunami231
still dont care that printer spool service has been disable for 15+ years and has been turn on maybe 10 in that time
Astyanax
Erick
And yet, they want to release Windows 365? That's stupid. You might want to think twice about using it in a Chrome built browser.
warezme
Astyanax