Microsoft has added support for PrintNightmare exploitation detection to Microsoft Defender for Identity to help Security Operations teams detect attackers’ attempts to abuse this critical vulnerability. Microsoft has shared mitigation guidance on a new Windows Print Spooler elevation of privilege vulnerability tracked as CVE-2021-34481 and discovered by Dragos security researcher Jacob Baines. Microsoft will roll out a another update later this month which will enable security operations (SecOps) teams to block attack attempts by locking compromised users’ Active Directory accounts.
Source: https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-printnightmare-attacks/