Microsoft fixes vulnerability affecting all Windows versions since 1996 – We Live Security

Another vulnerability in the same Windows component was abused by Stuxnet a decade ago

A vulnerability in a decades-old Windows component that controls printing on machines running the operating system could be abused by malicious actors to gain elevated privileges on the targeted system, according to security researchers Yarden Shafir and Alex Ionescu.

The flaw, which they dubbed PrintDemon, resides in the Windows Print Spooler and affects all Windows versions since Windows NT 4.0, released in 1996. The component has remained largely unchanged since then; another vulnerability affecting it was abused by the infamous Stuxnet a decade ago.

“An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” said Microsoft. Windows 7, 8.1, 10, and Windows Server 2008, 2012, 2016, and 2019 all contained the vulnerability.

The flaw, indexed as CVE-2020-1048, cannot be abused remotely, however. Microsoft deemed its exploitation not particularly likely and said that an attacker would need