Microsoft says update now as PrintNightmare security threat return once again

New bug also doesn’t have a fix yet

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The security issues in theWindowsPrint Spooler don’t seem to end, asMicrosofthas acknowledged yet another remote code execution (RCE) vulnerability in the subsystem.

Tracked as CVE-2021-36958 with a CVSS score of 7.3, the yet-unpatched bug is the latest to join aseries of flawscollectively known asPrintNightmarethat have plagued the printer service over the last few months.

Surprisingly though, Microsoft’s acknowledgement of the vulnerability, comes over eight months after it was reported by a cybersecurity researcher inDecember 2020.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

“An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,”says Microsoftexplaining the newest vulnerability.

Stop press

Will Dormann, a vulnerability analyst for CERT/CC, toldBleepingComputerthat Microsoft has confirmed that the CVE-2021-36958 vulnerability corresponds to a proof-of-concept shared by security researcherBenjamin Delpy on Twitterlast month.

Delpy’s trick, explainsBleepingComputer, uses the CopyFile registry directive to copy a DLL file, which then opens a command prompt to the client when you connect to a printer.

While Microsoft has since tweaked thepermissions of the Point and Print featureto require administrative privileges, Delpy PoC will still work since it requires an already-installed driver.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In any case, Microsoft says it is now working to patch the bug. However, in the absence of a fix, Microsoft suggests the only available workaround to mitigate CVE-2021-36958 is to stop and disable the Print Spooler service.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind