Not to be confused with the initial PrintNightmare vulnerability, or the other recent Print Spooler exploit, this new bug would allow a local attacker to gain system privileges. Microsoft is still investigating the bug, referred to as CVE-2021-36958, so it has not yet been able to verify which Windows versions are affected . It also hasn’t announced when it will release a security update, but states that solutions are typically released monthly.
Geber86 / Getty Images
According to BleepingComputer, the reason Microsoft’s recent security updates don’t help is because of an oversight regarding administrator privileges. The exploit involves copying a file that opens a command prompt and a print driver, and admin privileges are needed to install a new print driver.