cnvd - cnvd-2021-48426

cnvd-2021-48426

Vulnerability from cnvd

Title

Microsoft Windows Print Spooler代码执行漏洞

Description

Windows Print Spooler是Windows的打印机后台处理程序。 Microsoft Windows Print Spooler存在代码执行漏洞，漏洞是由于Windows Print Spooler RpcAddPrinterDriverEx()未能正确地执行特权文件漏洞所致，允许远程攻击者利用漏洞提交特殊的请求，导致应用程序崩溃或以应用程序上下文执行任意代码。

Severity

高

Patch Name

Microsoft Windows Print Spooler代码执行漏洞的补丁

Patch Description

Formal description

目前用户可参考如下厂商提供的安全补丁以修复该漏洞： https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527

Reference

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527

Impacted products

Name
['Microsoft Windows 7', 'Microsoft Windows Windows Server 2012', 'Microsoft Windows 8.1', 'Microsoft Windows RT 8.1 SP0', 'Microsoft Windows 10 1607', 'Microsoft Windows Server 2016', 'Microsoft Windows 10 for 32-bit Systems', 'Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1', 'Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)', 'Microsoft Windows Server 2012 (Server Core installation)', 'Microsoft Windows Server 2012 R2 (Server Core installation)', 'Microsoft Windows Server 2016 (Server Core installation)', 'Microsoft Windows Server 2012 R2', 'Microsoft Windows Server 2016 null', 'Microsoft Windows Server 2019', 'Microsoft Windows 10 Version 1809 for x64-based Systems', 'Microsoft Windows 10 Version 1809 for ARM64-based Systems', 'Microsoft Windows 10 Version 1809 for 32-bit Systems', 'Microsoft Windows 10 1909', 'Microsoft Windows Windows 10 1607', 'Microsoft Windows Server 2008 for x64-based Systems ServicePack 2 (Server Core installation)', 'Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2 (Server Core installation)', 'Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2', 'Microsoft Windows Server 2016 (Server Core installation)', 'Microsoft Windows Windows 10 for x64-based Systems', 'Microsoft Windows Server 20H2 (Server CoreInstallation)', 'Microsoft Windows Server 1909 (Server Coreinstallation)', 'Microsoft Windows Server 2019 (Server Core installation)', 'Microsoft Windows 10 20H2 for ARM64-based Systems', 'Microsoft Windows 10 20H2 for 32-bit Systems', 'Microsoft Windows 10 20H2 for x64-based Systems', 'Microsoft Windows 10 2004 for x64-based Systems', 'Microsoft Windows 10 2004 for ARM64-based Systems', 'Microsoft Windows 10 2004 for 32-bit Systems', 'Microsoft Windows 10 21H1 for 32-bit Systems', 'Microsoft Windows 10 21H1 for ARM64-b']

Name

['Microsoft Windows 7', 'Microsoft Windows Windows Server 2012', 'Microsoft Windows 8.1', 'Microsoft Windows RT 8.1 SP0', 'Microsoft Windows 10 1607', 'Microsoft Windows Server 2016', 'Microsoft Windows 10 for 32-bit Systems', 'Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1', 'Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)', 'Microsoft Windows Server 2012 (Server Core installation)', 'Microsoft Windows Server 2012 R2 (Server Core installation)', 'Microsoft Windows Server 2016 (Server Core installation)', 'Microsoft Windows Server 2012 R2', 'Microsoft Windows Server 2016 null', 'Microsoft Windows Server 2019', 'Microsoft Windows 10 Version 1809 for x64-based Systems', 'Microsoft Windows 10 Version 1809 for ARM64-based Systems', 'Microsoft Windows 10 Version 1809 for 32-bit Systems', 'Microsoft Windows 10 1909', 'Microsoft Windows Windows 10 1607', 'Microsoft Windows Server 2008 for x64-based Systems ServicePack 2 (Server Core installation)', 'Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2 (Server Core installation)', 'Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2', 'Microsoft Windows Server 2016 (Server Core installation)', 'Microsoft Windows Windows 10 for x64-based Systems', 'Microsoft Windows Server 20H2 (Server CoreInstallation)', 'Microsoft Windows Server 1909 (Server Coreinstallation)', 'Microsoft Windows Server 2019 (Server Core installation)', 'Microsoft Windows 10 20H2 for ARM64-based Systems', 'Microsoft Windows 10 20H2 for 32-bit Systems', 'Microsoft Windows 10 20H2 for x64-based Systems', 'Microsoft Windows 10 2004 for x64-based Systems', 'Microsoft Windows 10 2004 for ARM64-based Systems', 'Microsoft Windows 10 2004 for 32-bit Systems', 'Microsoft Windows 10 21H1 for 32-bit Systems', 'Microsoft Windows 10 21H1 for ARM64-b']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-34527",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-34527"
    }
  },
  "description": "Windows Print Spooler\u662fWindows\u7684\u6253\u5370\u673a\u540e\u53f0\u5904\u7406\u7a0b\u5e8f\u3002\n\nMicrosoft Windows Print Spooler\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u6f0f\u6d1e\u662f\u7531\u4e8eWindows Print Spooler RpcAddPrinterDriverEx()\u672a\u80fd\u6b63\u786e\u5730\u6267\u884c\u7279\u6743\u6587\u4ef6\u6f0f\u6d1e\u6240\u81f4\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u4ee5\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u76ee\u524d\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-48426",
  "openTime": "2021-07-07",
  "patchDescription": "Windows Print Spooler\u662fWindows\u7684\u6253\u5370\u673a\u540e\u53f0\u5904\u7406\u7a0b\u5e8f\u3002\r\n\r\nMicrosoft Windows Print Spooler\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u6f0f\u6d1e\u662f\u7531\u4e8eWindows Print Spooler RpcAddPrinterDriverEx()\u672a\u80fd\u6b63\u786e\u5730\u6267\u884c\u7279\u6743\u6587\u4ef6\u6f0f\u6d1e\u6240\u81f4\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u5bfc\u81f4\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u6216\u4ee5\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Windows Print Spooler\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Windows 7",
      "Microsoft Windows Windows Server 2012",
      "Microsoft Windows 8.1",
      "Microsoft Windows RT 8.1 SP0",
      "Microsoft Windows 10 1607",
      "Microsoft Windows Server 2016",
      "Microsoft Windows 10 for 32-bit Systems",
      "Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1",
      "Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)",
      "Microsoft Windows Server 2012 (Server Core installation)",
      "Microsoft Windows Server 2012 R2 (Server Core installation)",
      "Microsoft Windows Server 2016 (Server Core installation)",
      "Microsoft Windows Server 2012 R2",
      "Microsoft Windows Server 2016 null",
      "Microsoft Windows Server 2019",
      "Microsoft Windows 10 Version 1809 for x64-based Systems",
      "Microsoft Windows 10 Version 1809 for ARM64-based Systems",
      "Microsoft Windows 10 Version 1809 for 32-bit Systems",
      "Microsoft Windows 10 1909",
      "Microsoft Windows Windows 10 1607",
      "Microsoft Windows Server 2008 for x64-based Systems ServicePack 2 (Server Core installation)",
      "Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2 (Server Core installation)",
      "Microsoft Windows Server 2008 for 32-bit Systems ServicePack 2",
      "Microsoft Windows Server 2016  (Server Core installation)",
      "Microsoft Windows Windows 10 for x64-based Systems",
      "Microsoft Windows Server 20H2 (Server CoreInstallation)",
      "Microsoft Windows Server 1909 (Server Coreinstallation)",
      "Microsoft Windows Server 2019  (Server Core installation)",
      "Microsoft Windows 10 20H2 for ARM64-based Systems",
      "Microsoft Windows 10 20H2 for 32-bit Systems",
      "Microsoft Windows 10 20H2 for x64-based Systems",
      "Microsoft Windows 10 2004 for x64-based Systems",
      "Microsoft Windows 10 2004 for ARM64-based Systems",
      "Microsoft Windows 10 2004 for 32-bit Systems",
      "Microsoft Windows 10 21H1 for 32-bit Systems",
      "Microsoft Windows 10 21H1 for ARM64-b"
    ]
  },
  "referenceLink": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527",
  "serverity": "\u9ad8",
  "submitTime": "2021-07-05",
  "title": "Microsoft Windows Print Spooler\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2021-34527 (GCVE-0-2021-34527)

Vulnerability from cvelistv5

Published

2021-07-02 21:25

Modified

2025-11-04 19:12

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

CWE

Remote Code Execution

Summary

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (Note: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ): <ul> <li>HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint</li> <li>NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)</li> <li>UpdatePromptSettings = 0 (DWORD) or not defined (default setting)</li> </ul> Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design. UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also <a href="https://support.microsoft.com/topic/31b91c02-05bc-4ada-a7ea-183b129578a7">KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates</a>. Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.

References

URL

Tags

	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527	x_refsource_MISC
	http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows 10 Version 1809

Version: 10.0.0 < 10.0.17763.2029
 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2029:*:*:*:*:*:x86:*
 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2029:*:*:*:*:*:x64:*
 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2029:*:*:*:*:*:arm64:*

Microsoft	Windows Server 2019	Version: 10.0.0 < 10.0.17763.2029 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2029:::::::*
Microsoft	Windows Server 2019 (Server Core installation)	Version: 10.0.0 < 10.0.17763.2029 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2029:::::::*
Microsoft	Windows Server 2022	Version: 10.0.0 < 10.0.20348.230 cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.230:::::::*
Microsoft	Windows 10 Version 20H2	Version: 10.0.0 < 10.0.19042.1083 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1083::::::x86: cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1083::::::arm64:
Microsoft	Windows Server version 20H2	Version: 10.0.0 < 10.0.19042.1083 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1083:::::::*
Microsoft	Windows 11 version 21H2	Version: 10.0.0 < 10.0.22000.318 cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318::::::x64: cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.318::::::arm64:
Microsoft	Windows 10 Version 21H2	Version: 10.0.0 < 10.0.19044.1415 cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1415::::::x86: cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1415::::::arm64: cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1415::::::x64:
Microsoft	Windows 11 version 22H2	Version: 10.0.0 < 10.0.22621.674 cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.674::::::arm64: cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.674::::::x64:
Microsoft	Windows 10 Version 22H2	Version: 10.0.0 < 10.0.19045.2251 cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251::::::x64: cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251::::::arm64: cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.2251::::::x86:
Microsoft	Windows 10 Version 1507	Version: 10.0.0 < 10.0.10240.18969 cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.18969::::::x86: cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.18969::::::x64:
Microsoft	Windows 10 Version 1607	Version: 10.0.0 < 10.0.14393.4470 cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4470::::::x86: cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4470::::::x64:
Microsoft	Windows Server 2016	Version: 10.0.0 < 10.0.14393.4470 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4470:::::::*
Microsoft	Windows Server 2016 (Server Core installation)	Version: 10.0.0 < 10.0.14393.4470 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4470:::::::*
Microsoft	Windows 8.1	Version: 6.3.0 < 6.3.9600.20046 cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20046:::::::*
Microsoft	Windows Server 2008 Service Pack 2	Version: 6.0.0 < 6.0.6003.21138 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21138::::::x64:
Microsoft	Windows Server 2008 Service Pack 2 (Server Core installation)	Version: 6.0.0 < 6.0.6003.21138 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21138::::::x64: cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21138::::::x86:
Microsoft	Windows Server 2008 Service Pack 2	Version: 6.0.0 < 6.0.6003.21138 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21138::::::x86:
Microsoft	Windows Server 2008 R2 Service Pack 1	Version: 6.1.0 < 6.1.7601.25633 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25633::::::x64:
Microsoft	Windows Server 2008 R2 Service Pack 1 (Server Core installation)	Version: 6.0.0 < 6.1.7601.25633 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25633::::::x64:
Microsoft	Windows Server 2012	Version: 6.2.0 < 6.2.9200.23383 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23383::::::x64:
Microsoft	Windows Server 2012 (Server Core installation)	Version: 6.2.0 < 6.2.9200.23383 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23383::::::x64:
Microsoft	Windows Server 2012 R2	Version: 6.3.0 < 6.3.9600.20046 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20046::::::x64:
Microsoft	Windows Server 2012 R2 (Server Core installation)	Version: 6.3.0 < 6.3.9600.20046 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20046::::::x64:

Show details on NVD website