The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver during printer installation, aka "Windows Print Spooler Remote Code Execution Vulnerability."
* Microsoft Windows 10
* Microsoft Windows 10 1511
* Microsoft Windows 7
* Microsoft Windows 8.1
* Microsoft Windows Rt 8.1
* Microsoft Windows Server 2008
* Microsoft Windows Server 2008 R2
* Microsoft Windows Server 2012
* Microsoft Windows Server 2012 R2
* Microsoft Windows Vista
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or set up a rogue print server on a target network.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software and Vulnerability Severity Ratings section.
The update addresses the vulnerabilities by:
Correcting how the Windows Print Spooler service writes to the file system
Issuing a warning to users who attempt to install untrusted printer drivers