Threats and IoCs


Summary: Window’s Print Spooler is run by default on all supported Windows operating system versions as it is a legitimate application that manages the printing process on Windows hosts.  The flaw in this service allows any low privilege, authenticated user on a network to access the Print Spooler service on an endpoint and use a remote code execution exploit or local privilege escalation to gain SYSTEM privileges. On 6/8/2021, a patch was released by......

Read More