Skip to main content
  1. Home
  2. Computing

Microsoft warns Windows users of another unpatched printing vulnerability

Arif Bacchus
By

Microsoft might have patched PrintNightmare in Windows, but for the second time this month, there’s yet another printer-themed vulnerability in the wild.

Just detailed is a new vulnerability in the Windows Print Spooler service that could allow hackers to install programs; view, change, or delete data; and create new accounts on your PC.

Recommended Videos

Though that might sound scary, it is important to note that to leverage this new vulnerability, hackers will need to execute code on a victim system. Basically, it means that a hacker would need physical access to your PC. Microsoft mentions this in the support guide for the new vulnerability, going by the name of CVE-2021-34481.

Related

It is there where Microsoft labels the vulnerability with a score of 7.8 and “important” severity, meaning it is a high-security risk. However, Microsoft does also mention that though CVE-2021-34481 was made public, it hasn’t been exploited — though another note details exploitation is “more likely.”

A printer sitting on a desk by a window.
Image used with permission by copyright holder

Microsoft hasn’t yet mentioned when a patch for this new vulnerability will be released. Instead, the company says it is investigating and “developing a security update.” Importantly, Microsoft points out that this new issue wasn’t caused by the July 2021 security update, which initially patched PrintNightmare.

Still worried? There is a temporary workaround for those who might be concerned. The workaround involves opening Powershell on Windows and determining if the Print Spooler Service is running, then stopping and disabling the service. The downside of this workaround is that stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

The last time, Microsoft was quick to release a patch for PrintNightmare. It happened within four days of Microsoft first discovering the issue. It’s unknown if a similar patch for this exploit could come at a similar time. Seeing as though the situation is a little less urgent, with hackers needing local access to a PC, it could be a while.

Microsoft credited the security researcher Jacob Baines for discovering this issue and reporting it to Microsoft. Baines notes on his Twitter page that he doesn’t believe this new vulnerability to be a variant of PrintNightmare.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Microsoft reveals the brand new look of the Windows 11 Snipping Tool
microsoft reveals preview of new windows 11 snipping tool 2

Panos Panay, head of Microsoft’s Windows & Devices division, released a short video today that offers a glimpse of the new Snipping Tool in Windows 11. The 17-second video teases an updated version of the tool that Panay promises is coming to Windows Insider soon.

Though significant changes haven’t been made to the tool, the video shows that it is no longer a scissor and is, instead, a plus sign. A couple of other minor iconography changes have been made to make sure the new icon is in alignment with the updated Windows theme. These include design changes in the delay and settings icon. The Mode button now also leverages a drop-down menu for more options.

Read more
PrintNightmare isn’t over, as Windows is hit with another printing vulnerability

The vulnerabilities in the Windows Print Spooler service just won't end for Microsoft. Despite a recent patch, a cybersecurity researcher has managed to exploit a new bug in the spooler -- showing how someone with bad intent can gain administrative privileges in Windows by using a custom print server.

The new vulnerability works only in a specific situation but is still concerning since it's not patched. Security researcher Benjamin Delpy showcased the inner workings of the vulnerability on his Twitter. This involves using a specific custom print server to install a specially created print driver that can run at the system-privilege level. This can allow non-admin users to open a command prompt with elevated privileges. You can see this in action in this video, as tested by Bleeping Computer, which first reported on the vulnerability.

Read more
HiveNightmare is a nasty new Windows bug. Here’s how to protect yourself
Windows 11 on a tablet.

A new bug called ‘HiveNightmare’ reportedly lets anyone with local or remote access to your PC take it over. This is a fairly new and serious flaw in the latest versions of Windows 10, as well as in Windows 11, which is still being tested in the Windows Insiders program.

Using malware, the hacker can gain complete access to your PC without needing an administrative password. The bug originates from an alleged change in the recent versions of Windows 10 and 11 that grants unauthorized users the privilege to access the Security Account Manager (SAM). The SAM is a database that contains both usernames and passwords for local accounts on the operating system.

Read more