TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Microsoft patches DevilsTongue vulnerability; Suggests disable Print Spooler Service for now

Microsoft has once again issued a warning advising users to disable Windows print spooler in what appears to be the third serious Windows 10 print flaw in just five weeks. It looks like a new Windows print service vulnerability CVE-2021-34481 has now been discovered. If exploited, it could allow hackers to execute malicious code on machines. At the time of writing this, Microsoft has not released a patch fixing this flaw.

Enable-or-disable-the-Print-Spooler-Service-System-Configuration

How serious is CVE-2021-34481 DevilsTongue vulnerability?

DevilsTongue vulnerability can be pretty serious since an attacker could install malicious programs with SYSTEM privileges. Meaning, hackers who successfully exploited this flaw could view, change, or delete user data or create new accounts with SYSTEM privileges (full user rights). Disclosing this vulnerability, Microsoft had this to say:

“An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges,” Microsoft said.

This type of attack can only be successful if the hacker can find ways to execute code on a victim machine. There’s no denying that Microsoft will fix this vulnerability in due course. But as of now, all you can do to stop this vulnerability is disable the Print Spooler service.

Previously, Microsoft addressed two similar Windows Print Service PrintNightmare vulnerabilitiy CVE-2021-1675 and CVE-2021-34527. This newly discovered flaw also exists in the Print Spooler service, the company has acknowledged. According to Microsoft, the vulnerability existed before the July 13, 2021 security update.

“We are developing a security update [for this vulnerability]. All security updates are tested to ensure quality prior to release. Solutions to verified security issues are normally released via our monthly Update Tuesday cadence,” Microsoft added.

How to know if the Print Spooler service is running

Make sure to run the following command in Windows PowerShell:

Get-Service -Name Spooler

How to disable the Print Spooler service

If you want to disable the Print Spooler service, you can follow these steps:

Run the following commands in Windows PowerShell:

Stop-Service -Name Spooler -Force
Set-Service -Name Spooler -StartupType Disabled

It should be noted that once you’ve disabled the Print Spooler service, you can’t possibly print either locally or remotely.

Published on Tags:

AnandKhanse@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP (2016-2022). He enjoys following and reporting Microsoft news and developments in the world of Personal Computing.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap