Tag
#windows
**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not disabled, follow these steps: **Stop and disable the Print Spooler service** If stopping and disabling the Print Spooler service is appropriate for your environment, run the following in Windows PowerShell: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Stopping and disabling the Print Spooler service disables the ability to print both locally and remotely.
**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.
**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.
**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of this vulnerability requires that a user trigger the payload in the application.
**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.
**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could access Kerberos protected data.
**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could access Kerberos protected data.