Enlarge (credit: Getty Images)
released in June for a remote code-execution flaw failed to fix a similar but distinct flaw dubbed PrintNightmare, which also made it possible for attackers to run malicious code on fully patched machines. Microsoft released an unscheduled patch for PrintNightmare, but the fix failed to prevent exploits on machines using certain configurations.
Bring your own printer driver
On Thursday, Microsoft warned of a new vulnerability in the Windows print spooler. The privilege-escalation flaw, tracked as CVE-2021-34481, allows hackers who already have the ability to run malicious code with limited system rights to elevate those rights. The elevation allows the code to access sensitive parts of Windows so malware can run each time a machine is rebooted.
Read 9 remaining paragraphs | Comments
