CVE-2021-34527 - Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Project:Microsoft
Product:Windows
Date Added:2021-11-03Due Date:2021-07-20
Vulnerability Name
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Description
Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
Reference CISA's ED 21-04 (https://www.cisa.gov/news-events/directives/ed-21-04-mitigate-windows-print-spooler-service-vulnerability) for further guidance and requirements. Note: The due date for addressing this vulnerability aligns with the requirements outlined in ED 21-04. https://nvd.nist.gov/vuln/detail/CVE-2021-34527
Related News Articles
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?January 30, 2025