Microsoft might have patched PrintNightmare in Windows, but for the second time this month, there’s yet another printer-themed vulnerability in the wild.
Just detailed is a new vulnerability in the Windows Print Spooler service that could allow hackers to install programs; view, change, or delete data; and create new accounts on your PC.
Though that might sound scary, it is important to note that to leverage this new vulnerability, hackers will need to execute code on a victim system. Basically, it means that a hacker would need physical access to your PC. Microsoft mentions this in the support guide for the new vulnerability, going by the name of CVE-2021-34481.
It is there where Microsoft labels the vulnerability with a score of 7.8 and “important” severity, meaning it is a high-security risk. However, Microsoft does also mention that though CVE-2021-34481 was made public, it hasn’t been exploited — though another note details exploitation is “more likely.”
Microsoft hasn’t yet mentioned when a patch for this new vulnerability will be released. Instead, the company says it is investigating and “developing a security update.” Importantly, Microsoft points out that this new issue wasn’t caused by the July 2021 security update, which initially patched PrintNightmare.
Still worried? There is a temporary workaround for those who might be concerned. The workaround involves opening Powershell on Windows and determining if the Print Spooler Service is running, then stopping and disabling the service. The downside of this workaround is that stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.
The last time, Microsoft was quick to release a patch for PrintNightmare. It happened within four days of Microsoft first discovering the issue. It’s unknown if a similar patch for this exploit could come at a similar time. Seeing as though the situation is a little less urgent, with hackers needing local access to a PC, it could be a while.
Microsoft credited the security researcher Jacob Baines for discovering this issue and reporting it to Microsoft. Baines notes on his Twitter page that he doesn’t believe this new vulnerability to be a variant of PrintNightmare.