Microsoft Warns: Another Unpatched PrintNightmare Zero-Day


One day after dropping its scheduled August Patch Tuesday update, Microsoft issued a warning about yet another unpatched privilege escalation/remote code-execution (RCE) vulnerability in the Windows Print Spooler.

The zero-day bug, tracked as CVE-2021-36958, carries a CVSS vulnerability-severity scale rating of 7.3, meaning that it’s rated as “important.” Microsoft said that it allows for a local attack vector requiring user interaction, but that the attack complexity is low, with few privileges required.

Read more…
Source: ThreatPost