The latest vulnerability is a Windows Print Spooler elevation-of-privilege vulnerability tracked as CVE-2021-34481. Microsoft credited Dragos vulnerability researcher Jacob Baines for identifying the issue. Attackers who successfully exploit the bug can run arbitrary code with SYSTEM privileges, allowing them to install programs, view, change or delete data, or create new accounts with full user rights, the company said. The vulnerability is the latest in a flurry of problems discovered in the print service, but seems slightly less dangerous as it can only be exploited locally.
Source: https://threatpost.com/microsoft-unpatched-bug-windows-print-spooler/167855/