Microsoft has warned of a new Windows vulnerability

Microsoft is officially acknowledged the existence of a zero-day vulnerability called PrintNightmare. It uses the Windows print spooler and is internally named CVE-2021-34527.

Using it, you can remotely run code with system privileges: this gives an attacker the ability to install programs, view, edit and delete data, as well as create new user accounts with rights administrator.

The company confirmed that the vulnerability exists in all versions of Windows, including server versions, and is actively exploited by cybercriminals (but it is not yet clear whether it is on all assemblies).

So far, the patch covering CVE-2021-34527 has yet to be released, but Microsoft has confirmed that it is different from CVE-2021-1675, which was discovered and fixed in June. So far, there are only two ways to protect your computer from this threat: disable the print spooler or deny incoming remote printing through the Group Policy Editor.