Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability


Windows Print Spooler RCE Vulnerability

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it’s working to remediate the issue in an upcoming security update.

Tracked as CVE-2021-36958 (CVSS score: 7.3), the unpatched flaw is the latest to join a list of bugs collectively known as PrintNightmare that have plagued the printer service and come to light in recent months. Victor Mata of FusionX, Accenture Security, who has been credited with reporting the flaw, said the issue was disclosed to Microsoft in December 2020.

Read more…