CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Cause
Microsoft Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
Solution
Option 1 - Windows Updates
KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates.
Option 2 - Disable inbound remote printing through Group Policy
1) Stop Digital Fax from UCSuite Web page
2) Open a command prompt
3) Execute this command
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Printers" /f /v RegisterSpoolerRemoteRpcEndPoint /t REG_DWORD /d 2
4) Restart the Print Spooler service
5) Start Digital Fax from UCSuite Web page
|
||
| This article was: |
| Prev | Next | |
| How to bind the Digital Fax service to a specific IP and/or port | How to Remove Spurious prefix in Subject field |