CVE-2021-34481 - Windows Print Spooler Elevation of Privilege Vulnerability

JohnConnor
JohnConnor Posts: 6 New Member
edited January 27 in Business Security

Does F-Secure Server Security and Client Security protect against the vulnerability CVE-2021-34481 ?

Is there a newsletter or similar channel to get such information quickly?

Thanks - John!

Accepted Answer

  • MonikaL
    MonikaL Posts: 211 Moderator
    Answer ✓

    Hi John,

    Yes, F-Secure products protect against the vulnerability CVE-2021-34481. This DB was released at the end of the last week.


    If any attacker would try to exploit this PrintNightmare (CVE-2021-34527) vulnerability, the DeepGuard feature present in all F-Secure endpoint products blocks this suspicious behavior with the detection Exploit:W32/SpoolSVLaunch.A!DeepGuard. 

    Microsoft has also updated their advisory and released an out-of-band patch for certain Windows version (Updates are not yet available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012). One change after applying this patch is that non-admin will now only be able to install new signed printer drivers. Unsigned printer driver will require administrator rights to install successfully.

    https://support.microsoft.com/en-us/topic/kb5005010-restricting-installation-of-new-printer-drivers-after-applying-the-july-6-2021-updates-31b91c02-05bc-4ada-a7ea-183b129578a7

    Jaims

Answers

  • MonikaL
    MonikaL Posts: 211 Moderator

    Hi John,

    Yes, F-Secure products protect against the vulnerability CVE-2021-34481. This DB was released at the end of the last week.

  • JohnConnor
    JohnConnor Posts: 6 New Member

    Hello Monika,

    thank you very much for the quick reply.

    Just to be sure I have my CVE-2021-34481 from 07/16 - Friday! 

    (Not CVE-2021-34527 and CVE-2021-1675).

    Thanks John!

  • JohnConnor
    JohnConnor Posts: 6 New Member

    Sorry, in English:

    Just to be sure I asked for CVE-2021-34481 from 07/16 - Friday! 

This discussion has been closed.