Microsoft has found yet another security flaw in its PrintSpooler service that allows Windows to print documents. The total tally of flaws now sits at three.
The first one was addressed in a June security update, only for another one to be discovered called 'PrintNightmare' which affected every version of Windows and the company put out a patch that partially fixed the issue. Now a third flaw has been discovered which leaves Windows unable to print documents.
"An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," Microsoft revealed in a post.
"An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
This means anyone who gains access to System privileges through this bug can potentially run malicious code on a system without the user knowing about it. Windows has said that this hasn't been exploited yet but now that it has been disclosed, it is likely that threat actors will look to take advantage.