Microsoft fixed the PrintNightmare vulnerability in Windows about two weeks ago, but now a new vulnerability has been discovered for the Windows printer service and the Windows manufacturer has published its information.
The new Windows vulnerability is again related to the Windows Print Spooler service and allows hackers to install a program on a device and view, modify or delete information. This vulnerability even allows creating a new account on the victim’s computer.
Although these descriptions sound dangerous, hackers need to execute their malicious code on the user’s system to exploit this vulnerability. In other words, hackers must have physical access to your computer to do these things. Microsoft has mentioned this vulnerability as CVE-2021-34481 and says that its security risk is high. But apparently no hacker has used CVE-2021-34481 yet.
It is currently unknown when the security patch for this vulnerability will be released. Redmond says it is evaluating the situation and working on a security update. Microsoft has denied that this vulnerability is related to the July 2021 update that resolved the PrintNightmare issue.
For now, you can prevent CVE-2021-34481 through an unofficial workaround. To do this, you need to open Powershell and check if the Print Spooler service is running or not. If the service is running, stop and disable it. But with this, the ability to send the print command both locally and remotely is disabled.
Microsoft previously released the PrintNightmare patch very soon, four days after the vulnerability was discovered. Now we don’t know how long it will take for a security patch to be released again for this new vulnerability. Microsoft says a researcher named Jacob Bains was responsible for discovering CVE-2021-34481 and reporting it to the company. Baines stated on her Twitter page that she does not think this vulnerability is a new variant of the PrintNightmare vulnerability.