Microsoft has warned of a vulnerability affecting the Windows Print Spooler service.

Issue (CVE-2021-34481) is a local privilege escalation vulnerability, which rates 7.8 on the CVSS scale. It is associated with improper execution of privileged file operations of Windows Print Spooler.

Exploitation of this vulnerability allows to run arbitrary code with SYSTEM privileges on the system. The attacker could then install malware, view, change or delete data, create new accounts with full user rights.

As a measure to prevent exploitation of the vulnerability, Microsoft is recommending users to disable the Print Spooler service. Experts are currently working on a fix for this vulnerability.

Source: securitylab.ru