If exploited successfully through the execution of code on a victim’s device, the new security vulnerability, tracked as CVE-2021-34481, could allow an attacker to gain SYSTEM privileges through a vulnerability in the Print Spooler service—potentially changing or deleting the victim’s data, installing new programs, or creating new user accounts with full access to the user’s system.
Getty Images / Manuel Breva Colmeiro
The new exploit comes on the heels of the recent PrintNightmare security vulnerability, which also exploited Microsoft’s Print Spooler service, allowing attackers to gain remote system privileges on victims’ systems. That vulnerability affected all versions of Windows and took several days to patch. The company’s fix was also mired with issues and reportedly caused connection errors for some users.