CVE-2021-34527 - Microsoft Windows Print Spooler Remote Code Execution Vulnerability

: Microsoft | Windows

Date Added:
2021-11-03

Due Date:
2021-07-20

Vulnerability Name: Microsoft Windows Print Spooler Remote Code Execution Vulnerability

Description: Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply updates per vendor instructions.

Additional Notes: Reference CISA's ED 21-04 (https://www.cisa.gov/news-events/directives/ed-21-04-mitigate-windows-print-spooler-service-vulnerability) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-04. https://nvd.nist.gov/vuln/detail/CVE-2021-34527

Related News Articles: PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?January 30, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard