Security
Headlines
HeadlinesLatestCVEs

Tag

#Windows Print Spooler Components

CVE-2022-38028: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Microsoft Security Response Center
#vulnerability#web#windows#Windows Print Spooler Components#Security Vulnerability
CVE-2022-38005: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-35793: Windows Print Spooler Elevation of Privilege Vulnerability

**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not set to disabled, select one of the following options to either disable the Print Spooler service, or to Disable inbound remote printing through Group Policy: **Option 1 - Disable the Print Spooler service** If disabling the Print Spooler service is appropriate for your enterprise, use the following PowerShell commands: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Disabling the Print Spooler service disables the ability to print both locally and remotely. **Option 2 - Disable inbound remote printing through Group Policy** You can also configure the settings via Group Policy as follows: Computer Configuration / Administrative Templates / Printers Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks....

CVE-2022-35755: Windows Print Spooler Elevation of Privilege Vulnerability

**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not disabled, follow these steps: **Stop and disable the Print Spooler service** If stopping and disabling the Print Spooler service is appropriate for your environment, run the following in Windows PowerShell: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

CVE-2022-22041: Windows Print Spooler Elevation of Privilege Vulnerability

**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not disabled, follow these steps: **Stop and disable the Print Spooler service** If stopping and disabling the Print Spooler service is appropriate for your environment, run the following in Windows PowerShell: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

CVE-2022-22022: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.

CVE-2022-30226: Windows Print Spooler Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.

CVE-2022-30206: Windows Print Spooler Elevation of Privilege Vulnerability

**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not disabled, follow these steps: **Stop and disable the Print Spooler service** If stopping and disabling the Print Spooler service is appropriate for your environment, run the following in Windows PowerShell: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.

CVE-2022-29140: Windows Print Spooler Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.

CVE-2022-29114: Windows Print Spooler Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.