CVE-2021-34481 - Windows Print Spooler Elevation of Privilege Vulnerability

JohnConnorJohnConnor Posts: 4 New Member

Does F-Secure Server Security and Client Security protect against the vulnerability CVE-2021-34481 ?

Is there a newsletter or similar channel to get such information quickly?

Thanks - John!

Answers

  • MonikaLMonikaL Posts: 170 Moderator

    Hi John,

    Yes, F-Secure products protect against the vulnerability CVE-2021-34481. This DB was released at the end of the last week.

  • JohnConnorJohnConnor Posts: 4 New Member

    Hello Monika,

    thank you very much for the quick reply.

    Just to be sure I have my CVE-2021-34481 from 07/16 - Friday! 

    (Not CVE-2021-34527 and CVE-2021-1675).

    Thanks John!

  • JohnConnorJohnConnor Posts: 4 New Member

    Sorry, in English:

    Just to be sure I asked for CVE-2021-34481 from 07/16 - Friday! 

  • MonikaLMonikaL Posts: 170 Moderator

    Hi John,

    Yes, F-Secure products protect against the vulnerability CVE-2021-34481. This DB was released at the end of the last week.


    If any attacker would try to exploit this PrintNightmare (CVE-2021-34527) vulnerability, the DeepGuard feature present in all F-Secure endpoint products blocks this suspicious behavior with the detection Exploit:W32/SpoolSVLaunch.A!DeepGuard. 

    Microsoft has also updated their advisory and released an out-of-band patch for certain Windows version (Updates are not yet available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012). One change after applying this patch is that non-admin will now only be able to install new signed printer drivers. Unsigned printer driver will require administrator rights to install successfully.

    https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7

    Jaims
Sign In or Register to comment.