Microsoft fiddles with Fluent while the long dark Nightmare of the Print Spooler continues for Windows

New Windows 11 toys, fresh new CVE pops out

Microsoft has released a number of Windows 11 updates even as it acknowledges yet more holes found in its flagship operating systems by researchers.

Build 22000.132 hit the Windows Insider Dev Channel overnight. The usual raft of tweaks and improvements included a fix for an explorer.exe crash in the Windows Sandbox and Chat from Microsoft Teams was made available to customers in the Beta Channel.

The emission was accompanied by updates for some of the apps that remain in the Windows 11 box (for Dev Channel Insiders only at present). The old Snipping Tool and Snip & Sketch apps have been replaced by a new Snipping Tool app "that represents the best experiences of both apps in the next evolution of screen capture for Windows," according to Microsoft. The Mail and Calendar apps have been given the Windows theme and rounded corner treatment. Finally, the open-sourced Calculator app has been warmed over.

While Windows supremo Panos Panay was getting all pumped about screenshots, that Calculator app will come in handy to count the costs incurred due to Windows' Swiss Cheese security.

A neverending [Insert Microsoft Service Name Here] Nightmare

Despite Microsoft attempting to deal with the multiple issues in Windows suffixed with the word "Nightmare", the cock-up train kept rolling this week. After slapping a requirement for administrative privileges on Point and Print driver installations, Microsoft admitted that holes remained in its code and, yes, it was time to fire the Print Spooler Service into the Sun once again as it warned of a fresh Remote Code Execution vulnerability via CVE-2021-36958.

"A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations," Microsoft stated, regarding the above CVE.

"An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

"The workaround for this vulnerability is stopping and disabling the Print Spooler service."

That is to say, there is no patch. You have to turn off the ability to print locally and remotely for now.

Security expert Benjamin Delpy told The Register earlier this week that Microsoft's efforts at patching things hadn't dealt with all the problems, and so here we are again.

Other researchers including Will Dormann, vulnerability analyst at CERT, piled on the pain for the Windows giant.

Still, as administrators wait for Microsoft to come up with a solution for the issues other than killing the Print Spooler Service, at least when they look at the next emergency missive, the window corners will be rounded. So that's all right then. ®

Similar topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022