Microsoft has not announced when the patch for the vulnerability will be released.
Microsoft has officially confirmed that the acclaimed remote code execution vulnerability known as PrintNightmare in the Windows Print Spooler service and the CVE-2021-1675 vulnerability that the tech giant patched last month are two different issues. The company also identified attempts to exploit PrintNightmare in real-life attacks.
The PrintNightmare issue, now assigned the identifier CVE-2021-34527, became known after the Chinese information security company Sangfor Technologies published on GitHub a technical analysis and PoC code for exploiting a vulnerability in the Windows Print Spooler service, believing that it had already been fixed … As it turned out, the experts published an exploit not for CVE-2021-1675 fixed by Microsoft in June, but for another previously unknown vulnerability in Print Spooler, which they found on their own. Realizing the mistake, the researchers deleted the publication, but by that time the PoC code had already been copied and published in other sources.
As stated in the CVE-2021-34527 description, the remote code execution vulnerability is related to incorrect processing of privileged files and can be used to execute code with SYSTEM privileges.
Microsoft did not say when the patch for the vulnerability would be released, but recommended disabling Print Spooler or disabling remote internal printing via Group Policy as a preventive measure.