Microsoft has released an emergency security update for several versions of Windows to address a critical vulnerability in the Windows print spooler service.
The vulnerability, called PrintNightmare, was discovered last week when security researchers inadvertently released a Proof-of-Concept (PoC) exploit code.
The technology giant has classified the vulnerability documented in CVE-2021-34527 as critical, as attackers can remotely execute code with system-level permissions on affected devices.
“A remote code execution vulnerability exists when the Windows Print Spooler Service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges, ”writes Microsoft in its documentation.
“An attacker could then install programs; View, change or delete data; or create new accounts with full user rights, ”it says.
Microsoft has recommended that users install these updates immediately.
“Note that security …