Microsoft has warned users and organizations about yet another zero-day vulnerability affecting Windows Print Spooler. The print service is now threatened with the CVE-2021-36958 vulnerability that allows local attackers to gain SYSTEM privileges. CVE-2021-36958 is part of a class of bugs known as «PrintNightmare». All of these flaws have one common feature - the exploitation of configuration settings of the service, print drivers, and the Windows Point and Print feature.

A vulnerability discovered by security researcher Benjamin Delpy allows threat actors to quickly gain system privileges simply by connecting to a remote print server.

Microsoft issued an advisory on a Windows Print Spooler vulnerability tracked as CVE-2021-36958.

Source: anti-malware.ru