Skip to main content
  1. Home
  2. Computing

Microsoft warns Windows users of another unpatched printing vulnerability

By

Microsoft might have patched PrintNightmare in Windows, but for the second time this month, there’s yet another printer-themed vulnerability in the wild.

Just detailed is a new vulnerability in the Windows Print Spooler service that could allow hackers to install programs; view, change, or delete data; and create new accounts on your PC.

Recommended Videos

Though that might sound scary, it is important to note that to leverage this new vulnerability, hackers will need to execute code on a victim system. Basically, it means that a hacker would need physical access to your PC. Microsoft mentions this in the support guide for the new vulnerability, going by the name of CVE-2021-34481.

Related

It is there where Microsoft labels the vulnerability with a score of 7.8 and “important” severity, meaning it is a high-security risk. However, Microsoft does also mention that though CVE-2021-34481 was made public, it hasn’t been exploited — though another note details exploitation is “more likely.”

A printer sitting on a desk by a window.
Image used with permission by copyright holder

Microsoft hasn’t yet mentioned when a patch for this new vulnerability will be released. Instead, the company says it is investigating and “developing a security update.” Importantly, Microsoft points out that this new issue wasn’t caused by the July 2021 security update, which initially patched PrintNightmare.

Still worried? There is a temporary workaround for those who might be concerned. The workaround involves opening Powershell on Windows and determining if the Print Spooler Service is running, then stopping and disabling the service. The downside of this workaround is that stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

The last time, Microsoft was quick to release a patch for PrintNightmare. It happened within four days of Microsoft first discovering the issue. It’s unknown if a similar patch for this exploit could come at a similar time. Seeing as though the situation is a little less urgent, with hackers needing local access to a PC, it could be a while.

Microsoft credited the security researcher Jacob Baines for discovering this issue and reporting it to Microsoft. Baines notes on his Twitter page that he doesn’t believe this new vulnerability to be a variant of PrintNightmare.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Microsoft fixes Windows 11 PC Health Check app, extends processor compatibility
Laptop sitting on a desk showing Windows 11's built-in Microsoft Teams experience.

A few months after the Windows 11 PC Health Check app was taken offline, Microsoft is ready to bring it back. This time around, the company has made some significant changes to the experience, to ensure that the app provides more clarity and accuracy in deciding if a Windows PC can run Microsoft's latest Windows 11 operating system.

Now in testing first with Windows Insiders, and rolling out to everyone in the coming weeks, the biggest change has to do with the eligibility check function. Microsoft says that the PC Health Check app now has more complete and improved messaging on eligibility for Windows 11, with links to supporting articles on remediation steps, including information on firmware TPM.

Read more
This crucial Windows update finally fixes the PrintNightmare vulnerability
Brother's L8360 is a great color laser printer for small offices.

Microsoft has issued a new security patch for the issues surrounding the PrintNightmare vulnerability in Windows. This time around, Microsoft is changing the default Point and Print driver installation and update behavior to require administrator privileges.

According to Microsoft, this latest change comes because the company believed the default behavior of Point and Print did not provide its customers with "the level of security required to protect against potential attacks." This basically addresses the issue from early August where a cybersecurity researcher managed to exploit the Windows Print Spooler and gain administrative privileges in Windows by using a custom print server.

Read more
Microsoft reveals the brand new look of the Windows 11 Snipping Tool
microsoft reveals preview of new windows 11 snipping tool 2

Panos Panay, head of Microsoft’s Windows & Devices division, released a short video today that offers a glimpse of the new Snipping Tool in Windows 11. The 17-second video teases an updated version of the tool that Panay promises is coming to Windows Insider soon.

Though significant changes haven’t been made to the tool, the video shows that it is no longer a scissor and is, instead, a plus sign. A couple of other minor iconography changes have been made to make sure the new icon is in alignment with the updated Windows theme. These include design changes in the delay and settings icon. The Mode button now also leverages a drop-down menu for more options.

Read more