Skip to main content
Skip table of contents

CVE-2021-34527 Windows Print Spooler Remote Code Execution Vulnerability

Applies to UCX Suite ver. 2013 and above

Description

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Cause

Microsoft Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

Solution

Option 1 - Windows Updates
KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates.

Option 2 - Disable inbound remote printing through Group Policy

  1. Stop Digital Fax from UCX Suite Web page

  1. Open a command prompt 

  1. Execute this command

REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Printers" /f /v RegisterSpoolerRemoteRpcEndPoint /t REG_DWORD /d 2

  1. Restart the Print Spooler service

  2. Start Digital Fax from UCX Suite Web page

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close