Microsoft’s print nightmare continues with another example of how a threat actor can achieve SYSTEM privileges by abusing malicious printer drivers. This technique can be used even if admins applied Microsoft’s recommended mitigations of restricting printer driver installation to admins and disabling Point and Print. Microsoft stated that their patches worked as intended, and as the vulnerability was being actively exploited, advised all Windows users to install the update. This method will likely not be fixed as Windows is designed to allow an administrator to install a printer driver even ones that may be unknowningly malicious.
Source: https://www.bleepingcomputer.com/news/microsoft/windows-print-nightmare-continues-with-malicious-driver-packages/