Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker’s control and the ‘Queue-Specific Files’ feature. Security researchers have been heavily scrutinizing the Windows printing APIs and have found further vulnerabilities affecting the Windows print spooler. Microsoft released a security update to fix the vulnerability but researchers determined that the patch could be bypassed under certain conditions. CERT/CC has released an advisory for this vulnerability that provides further information.
Source: https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/