On June 8, 2021, Microsoft released patches including a patch for CVE-2021-1675. CVE-2021-1675 is a remote code execution vulnerability in the Windows print spooler. An unauthenticated remote attacker who successfully exploited this vulnerability can run arbitrary code with SYSTEM privileges on a domain controller to take over the entire domain. We recommend that you patch for this vulnerability at your earliest convenience and take measures against security risks.
Detected vulnerability
- Vulnerability number: CVE-2021-1675
- Vulnerability severity: critical
- Affected versions:
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2008 R2
- Windows Server, version 2004 (Server Core installation)
- Windows Server, version 1909 (Server Core installation)
Details
Print spooler is a service that manages print-related transactions in Windows. In a domain environment, an unauthenticated remote attacker can exploit the CVE-2021-1675 vulnerability without interaction to run arbitrary code on the domain controller with SYSTEM privileges to take over the entire domain.
Security suggestions
Install the patch for CVE-2021-1675 at your earliest convenience.
Solutions
Go to the Microsoft official website to download the corresponding patch. For more information, see CVE-2021-1675.
Announcing party
Alibaba Cloud Computing Co., Ltd.