
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation


CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.

The US cybersecurity agency CISA on Tuesday added a two-year-old Windows Print Spooler flaw to its Known Exploited Vulnerabilities (KEV) catalog.

Tracked as CVE-2022-38028 (CVSS score of 7.8) and addressed as part of Microsoft’s October 2022 Patch Tuesday updates, the issue can be exploited to gain SYSTEM privileges on a vulnerable machine.

“Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions,” CISA’s entry in the KEV catalog reads.

Per the Binding Operational Directive (BOD) 22-01, federal agencies have three weeks to identify within their environments any system vulnerable to CVE-2022-38028 and apply the available patches or remove the vulnerable products.

Although BOD 22-01 only applies to federal agencies, CISA urges all organizations to perform vulnerability assessments and ...


Copyright of this story solely belongs to securityweek.