Microsoft closed a similar security vulnerability (CVE-2021-1675) in the Print Spooler on Patch Day in June. There is no CVE number for this new vulnerability and it has also not yet been allocated a threat level, but security researchers are saying this is a critical bug.
Employees of a cybersecurity company accidentally published an exploit code for the new vulnerability instead of for the one that had already been patched and even though the Proof of Concept code for exploiting PrintNightmare has been removed, copies have been made.
All supported versions of Microsoft Windows and Microsoft Windows Server are affected.
We’re happy to carry out an external audit of your systems. E-mail us at firstname.lastname@example.org or get in touch with your Bechtle account manager.
Carnegie Mellon University: Microsoft Windows Print Spooler allows for RCE