20th July 2021, Kathmandu
After days, Microsoft was notified of an unpatched security vulnerability in the Windows Print Spooler service, yet another 0-day flaw has been identified in the same component.
Researcher Benjamin Delpy disclosed the exploit for the vulnerability.
https://twitter.com/i/status/1416079316673339392
This bug allows an attacker to execute arbitrary code with SYSTEM privileges. There is no solution to the problem yet; CERT/CC has recommended configuring PackagePointAndPrintServerList to prevent the installation of the printer from attacker-controlled servers.
PrintNightmare issue had become public last month by accident, which has led to the identification of several similar vulnerabilities.
Further clarification is yet to come from Microsoft.
