Windows 10: Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527

Discus and support Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527 in AntiVirus, Firewalls and System Security to solve the problem; Do I need to do do/patch something for Windows 10? what? how?Or will this be updated through the standard windows/security updates that install... Discussion in 'AntiVirus, Firewalls and System Security' started by JaredPriceAST, Jul 7, 2021.

  1. JAREDPRICEAST
    JaredPriceAST Win User

    Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527


    Do I need to do do/patch something for Windows 10? what? how?Or will this be updated through the standard windows/security updates that install automatically

    :)
     
    JaredPriceAST, Jul 7, 2021
    #1
  2. BRINK
    Brink Win User

    Windows Print Spooler Remote Code Execution Vulnerability

    Microsoft is aware of and investigating a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation and we will update the CVE as more information is available.

    A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    An attack must involve an authenticated user calling RpcAddPrinterDriverEx().

    Please ensure that you have applied the security updates released on June 8, 2021, and see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.


    Read more:
     
    Brink, Jul 7, 2021
    #2
  3. BRO67
    bro67 Win User
    Windows Print Spooler Remote Code Execution Vulnerability

    This exploit only affects Domain Controllers not workstations. I am not worried about it because our Windows workstation rarely gets used and in no way is not a Windows Server Edition or behaves as a DC. Workaround for the Windows Print Spooler Remote Code Execution Vulnerability - gHacks Tech News

    Stopping the Spooler service means jobs are going to sit on the machine until you physically go into the folder to purge them out.
     
    bro67, Jul 7, 2021
    #3
  4. WXC
    WXC Win User

    Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527

    Windows Print Spooler Remote Code Execution Vulnerability

    Thank you , sir.

    This post answered a question, I had logged back in, to pose.

    In my situation, there was no need to 'Disable', this, apparently.

    My ignorance. No other excuse.

    Just wanted to take measures to be secure. *Smile

    - - - Updated - - -

    @bro67

    Should I go back into Group Editor, and set this back from 'Disabled', to 'Not Configured'? or simply, leave it be?


    Single desktop PC, hardwired behind router (no wifi). Have a USB connected printer, but never use it. System specs up to date.

    Apologies for bothering you.

    ~~~~~

    I welcome anyone else to answer, as well. *Smile

    Thank you.
     
    WXC, Jul 7, 2021
    #4
Thema:

Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527

Loading...

  1. Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527 - Similar Threads - Print Spooler Remote

  2. 3D Builder remote code execution vulnerability

    in Windows 10 Gaming
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...

  3. 3D Builder remote code execution vulnerability

    in Windows 10 Software and Apps
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...

  4. 3D Builder remote code execution vulnerability

    in AntiVirus, Firewalls and System Security
    3D Builder remote code execution vulnerability: Removed all instances including provisioned of 3DBuilder save for one that is listed as "staged" with no package user info other than {S-1-5-18}. Any way of getting rid of this hopefully via powershell? It seems to be triggering a Tenable.io plugin but I'm wondering if it is...

  5. Vulnerability CVE-2021-36934

    in Windows 10 BSOD Crashes and Debugging
    Vulnerability CVE-2021-36934: I saw in the press that an additional vulnerability of Windows 10, known as CVE-2021-36934, can be remedied at list until a Microsoft patch is available by running as administrator Win 10 Powershell and then typing: icacls $env:windir\system32\config\*.*...

  6. Workaround for the Windows Print Spooler Remote Code Execution Vulnerability

    in Windows 10 News
    Workaround for the Windows Print Spooler Remote Code Execution Vulnerability: Microsoft disclosed a new remote code execution vulnerability in Windows recently that is using the Windows Print Spooler. The vulnerability is actively exploited and Microsoft published two workarounds to protect systems from being attacked. The provided information is...

  7. CVE-2020-1425 - Microsoft Windows Codec Library remote Code Execution Vulnerability

    in Windows 10 Installation and Upgrade
    CVE-2020-1425 - Microsoft Windows Codec Library remote Code Execution Vulnerability: CVE-2020-1425 - Microsoft Windows Codec Library remote Code Execution Vulnerability. This is not a patchable vulnerability in Desktop Central. What is required to address this vulnerability?...

  8. CVE-2018-8421 - .NET Framework Remote Code Execution Vulnerability

    in Windows 10 News
    CVE-2018-8421 - .NET Framework Remote Code Execution Vulnerability: A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a...

  9. HP Ink Printers Remote Code Execution Vulnerability

    in Windows 10 News
    HP Ink Printers Remote Code Execution Vulnerability: SUPPORT COMMUNICATION- SECURITY BULLETIN Document ID: c06097712 Version: 2 HPSBHF03589 rev. 2 - HP Ink Printers Remote Code Execution Notice:: The information in this security bulletin should be acted upon as soon as possible. Release date : 01-Aug-2018 Last updated :...

  10. CVE-2018-8245 Microsoft Publisher Remote Code Execution Vulnerability

    in Windows 10 News
    CVE-2018-8245 Microsoft Publisher Remote Code Execution Vulnerability: A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects. An attacker who successfully exploited the vulnerability could force arbitrary code to be executed in the...