RPC Windows Print Spooler Remote Code Execution -1 (CVE-2021-1675, CVE-2021-34527)

Rule ID

1139407

Severity

High

Description

A code execution vulnerability exists in the Windows Printing Spooler Service. Specifically, the vulnerability is due to an error when the Printer Spooler service processes specially crafted RPC calls.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Exploits

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2021-1675

CVE-2021-34527

Keywords

Windows 7, Windows 8.1, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016, Windows Server 2019

Date Created

2021/07/01

Last Updated

2021/07/21

This website uses cookies to ensure you get the best experience on our website.

Learn more