{"id":1947119,"date":"2021-07-16T17:55:00","date_gmt":"2021-07-16T15:55:00","guid":{"rendered":"http:\/\/nhub.news\/?p=1947119"},"modified":"2021-07-17T01:38:33","modified_gmt":"2021-07-16T23:38:33","slug":"microsoft-warns-windows-users-of-another-unpatched-printing-vulnerability","status":"publish","type":"post","link":"http:\/\/nhub.news\/de\/2021\/07\/microsoft-warns-windows-users-of-another-unpatched-printing-vulnerability\/","title":{"rendered":"Microsoft warns Windows users of another unpatched printing vulnerability"},"content":{"rendered":"

Microsoft is raising awareness of a new, unpatched printing vulnerability in Windows 10, requiring physical access to a Windows PC for hackers to leverage.<\/b>
\nMicrosoft might have patched PrintNightmare in Windows, but for the second time this month, there\u2019s yet another printer-themed vulnerability in the wild. Just detailed is a new vulnerability in the Windows Print Spooler service that could allow hackers to install programs; view, change, or delete data; and create new accounts on your PC. Though that might sound scary, it is important to note that to leverage this new vulnerability, hackers will need to execute code on a victim system. Basically, it means that a hacker would need physical access to your PC. Microsoft mentions this in the support guide for the new vulnerability, going by the name of CVE-2021-34481. It is there where Microsoft labels the vulnerability with a score of 7.8 and \u201cimportant\u201d severity, meaning it is a high-security risk. However, Microsoft does also mention that though CVE-2021-34481 was made public, it hasn\u2019t been exploited \u2014 though another note details exploitation is \u201cmore likely.\u201d Microsoft hasn\u2019t yet mentioned when a patch for this new vulnerability will be released. Instead, the company says it is investigating and \u201cdeveloping a security update.\u201d Importantly, Microsoft points out that this new issue wasn\u2019t caused by the July 2021 security update, which initially patched PrintNightmare. Still worried? There is a temporary workaround for those who might be concerned. The workaround involves opening Powershell on Windows and determining if the Print Spooler Service is running, then stopping and disabling the service. The downside of this workaround is that stopping and disabling the Print Spooler service disables the ability to print both locally and remotely. The last time, Microsoft was quick to release a patch for PrintNightmare. It happened within four days of Microsoft first discovering the issue. It\u2019s unknown if a similar patch for this exploit could come at a similar time. Seeing as though the situation is a little less urgent, with hackers needing local access to a PC, it could be a while. Microsoft credited the security researcher Jacob Baines for discovering this issue and reporting it to Microsoft. Baines notes on his Twitter page that he doesn\u2019t believe this new vulnerability to be a variant of PrintNightmare.<\/p>\n