A privilege escalation bug found in the print spooler service on Windows platforms is believed to still be exploitable. The most recent patch released by Microsoft included some additional protections. The vulnerability’s severity was complicated by the fact that, if triggered, the vulnerability could affect domain controllers in enterprise networks. Administrators are encouraged to install the patch, despite it being an incomplete fix, to ensure they have as much protection as possible and can implement the mitigations described above. Snort SIDs 57876 and 57877 have been released to address this vulnerability.”]
Source: https://blog.talosintelligence.com/2021/07/printnightmare-coverage.html