Microsoft Announces CVE-2021-34481 : Elevation of Privilege vulnerability in Windows Print Spooler

On July 15, Microsoft released an advisory for CVE-2021-34481, an Elevation of Privilege (EoP) vulnerability in the Windows Print Spooler. While no patch has been released, Microsoft does offer a workaround that advises customers to disable the Print Spooler service. Disabling the service will disrupt the ability to print both locally and remotely.

The advisory specifically states that this new CVE is a distinct vulnerability from CVE-2021-34527, known as PrintNightmare, and CVE-2021-1675, another flaw in the Print Spooler patched in June. The Tenable Research team continues to monitor this situation to ensure that plugin coverage will be released as soon as a patch is available. Until then, customers can utilize plugin ID 151440 to identify systems which have the Print Spooler service (spoolsv.exe) enabled to determine what systems may be at risk.