Microsoft revealed another zero-day print spooler vulnerability on 11 August. That’s right, Microsoft announced yet another new zero-day print spooler vulnerability after they released patches for the widespread vulnerability known as PrintNightmare in June this year.
Microsoft Windows devices need the print spooler to run their printing jobs and it’s an old service that’s been around for decades. Microsoft is actively investigating the vulnerability and confirmed that Remote Code Execution does affect the Windows Print Spooler.
According to BugCrowd, Remote Code Execution allows an attacker to remotely execute commands on someone else’s computing device, regardless of the geographic location of the device.
Remote Code Execution allows an attacker to remotely execute commands on someone else’s computing device, regardless of the geographic location of the device.
At this stage, there is no patch available and Microsoft has rated the vulnerability as ‘important’ The only published workaround is disabling the Print Spooler service
If disabling the Print Spooler service is an option for your enterprise, use the following PowerShell commands:
Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled
PLEASE NOTE: Disabling the Print Spooler service disables the ability to print both locally and remotely.