Microsoft Windows Print Spooler Service Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler Service.

A remote attacker can exploit this issue to execute code with SYSTEM-level privileges. Local attackers able to submit print jobs can exploit this issue to gain elevated privileges.

NOTE: To exploit this issue, an attacker must have permissions to submit print jobs on the vulnerable system. Guest access to shared print services is enabled by default on Windows XP; later systems will require the attacker to authenticate to the server, or require the server to be configured to allow anonymous access.


 

Privacy Statement
Copyright 2010, SecurityFocus