CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, has a leaked PoC which possesses a greater threat than initially thought. Researchers say that this can be exploited for remote code execution. This has been Credited to Zhipeng Huo of Tencent Security Xuanwu Lab, Piotr Madej of AFINE, and Yunhai Zhang of NSFOCUS TIANJIN Lab.
CVE-2021-1675 (aka “PrintNightmare”) was initially classed as low severity vulnerability, allowing local privilege elevation, and was patched on June 2021 Patch Tuesday.
The Windows Print Spooler is an application / interface / service that interacts with local or networked printers and manages the printing process. It is an old component and several bugs have been previously found as well in them. But this time it possesses a far more risk than any other previous bugs.
Disable “Print Spooler” service on servers that do not require it.
Refer to Microsoft website for complete list of affected products and their respective patches.