Microsoft issued a new security warning about the unpatched Windows Print Spooler Elevation of privilege vulnerability that allows attackers to execute an arbitrary code with the system privileges’.
“The print spooler service is a service that is running on each computer that participates in the Print Services system. The print spooler service implements the print client and print server roles, by enabling each participating system to act as a print client, administrative client, or print server for the Print Services system.”
The Vulnerability found existing in the Printer Spooler service allows attackers to perform a local elevation of privilege.
Once the attackers successfully exploited this vulnerability, they could install the malicious programs, modify, change and delete the data, which also allows attackers to create new user accounts.
In order to exploit the vulnerability, an attacker needs to execute the code on a victim system, and it is a local privilege escalation vulnerability and tracked as CVE-2021-34481.
According to Microsoft report “An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. “
Microsoft published a work around for this vulnerability to secure the system from this vulnerability.