■■■■■ Microsoft this week pushed an out-of-band patch for CVE-2021-34527, which now has a CVSS “high severity” score of 8.2.
Mimikatz creator Benjamin Delpy said the problem relates to the Point and Print function, which is designed to allow a Windows client to create a connection to a remote printer with first requiring installation media.
That effectively means an authenticated user could still gain administrator-level privileges on a machine running the Print Spooler service to run arbitrary code.
Microsoft acknowledged the issue at the bottom of its advisory.
“Point and Print is not directly related to this vulnerability, but the technology weakens the local security posture in such a way that exploitation will be possible,” it admitted. “To disallow Point and Print for non-administrators make sure that warning and elevation prompts are shown for printer installs and updates.”
https://t.me/cKure/8519