Remote code execution (“PrintNightmare”) vulnerabilities in Microsoft Windows
Multiple remote code execution vulnerabilities were identified in Microsoft Windows Print Spooler Service named “PrintNightmare”, a remote attacker could exploit these vulnerabilities to trigger remote code execution with SYSTEM privileges on the targeted system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights by exploited the captioned vulnerability.
System administrators are strongly recommended to apply the security updates and take remedial measures whereas possible.
Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527) (PrintNightmare)
Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-1675)
Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34481)
Affected Product Version
All versions of Windows are vulnerable.
For all Windows Desktop OS, or Windows Servers running as Print Server:
Install the latest security updates for your system.
[Update] Windows updates released 10 August 2021 and later will, by default, require administrative privilege to install drivers. Please refer to KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481) for details.
For Windows servers that do not need Printer function, please install those security patches and please consider to disable the Print Spooler service.