Researcher from China Releases the POC Code for Critical Remote Code Execution Vulnerability.

A researcher with the Twitter handle RedDrip Team (QiAnXin) has released the first known POC code for the critical remote code execution vulnerability CVE-2021-1675 in the Print Spooler component.

Print Spooler is a Microsoft component that manages the printing process. It also helps to retrieve the location of the correct printer driver, load the driver, schedule the print job and so on.

Luckily, Microsoft addressed this vulnerability as part of Patch Tuesday on June 8, 2021. (This patch is not working as per the latest update. Check out the latest updates on this vulnerability here.) The biggest concern about this vulnerability is that the Print Spooler service (spoolsv.exe) runs with the highest privilege level in the operating system.

Researchers from QiAnXin also released a GIF that demonstrates this vulnerability.

A few hours later, the researchers removed the POC code for this vulnerability and confirmed that they will present it in their Black Hat talk.

Unfortunately, it's too late: the POC code on GitHub had already been forked multiple times, and we can expect that threat actors may attempt to exploit this issue to break into networks.

