Microsoft Windows Print Spooler Remote Code Execution Vulnerability

Microsoft Windows Print Spooler Remote Code Execution Vulnerability

A critical* Windows Print Spooler Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.8 was released by Microsoft.

Vulnerabilities regarding Print Spooler were started with CVE-2021-1675 within this context. The other vulnerabilities regarding this situation which has sometimes been called “PrintNightmare” are as follows;

• CVE-2021-34527
• CVE-2021-34481
• CVE-2021-36936
• CVE-2021-36947
• CVE-2021-34483
• CVE-2021-36958

Affected Systems

Windows Operating Systems/Windows Print Spooler

IoC’s

-

Recommended Solution(s)

Organizations are recommended to take the following actions;

• Follow all the related vulnerability notifications released by Barikat Cyber Security.
• Follow all the related updates released by Microsoft.
• Print Spooler Service may be temporarily turned off until new patches are released.
• Donwload all the patches below related to CVE-2021-36936. Furthermore, you may download all the patches related to the other similar vulnerabilities stated in the “Summary” section above.

CVE / CWE

CVE-2021-36936

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2021-36936
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-36936
• https://www.tenable.com/blog/the-printnightmare-continues-another-zero-day-in-print-spooler-awaits-patch-cve-2021-36958

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.