Windows Print Spooler Remote Code Execution
Windows Print Spooler Remote Code Execution

Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527.

Microsoft added a second workaround to prevent remote code execution using the print spooler on your system. Read More

Disable inbound remote printing through Group Policy

You can configure the settings via Group Policy as follows:

Computer Configuration / Administrative Templates / Printers/

Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks.

You must restart the Print Spooler service for the group policy to take effect.

Impact of workaround This policy will block the remote attack vector by preventing inbound remote printing operations. The system will no longer function as a print server, but local printing to a directly attached device will still be possible.

For more information see: Use Group Policy settings to control printers.

Source: Microsoft