Protect Your Printer: Microsoft PostScript and PCL6 Printer Drivers Vulnerable

CVECVE-2023-23413
CVSScvssV3_1: 8.8
SourceCVE-2023-23413

Microsoft PostScript and PCL6 printer drivers were found to have a remote code execution vulnerability. These printer drivers are software that allows computers to communicate with printers that use the PostScript or PCL6 printing languages.

Attackers could exploit this vulnerability to run malicious code remotely on computers where the vulnerable printer drivers are installed. They would need to trick a user into printing a specially crafted file. Once printed, the malicious code in the file could execute without the user’s knowledge or consent, allowing the attacker to install programs, view, change or delete data.

The vulnerability received a CVSS score of 8.8 out of 10, meaning it is considered highly critical. Systems running outdated versions of the Microsoft PostScript and PCL6 printer drivers are affected.

To protect yourself, make sure your Microsoft printer drivers are updated to the latest versions released by Microsoft. You can check for updates through Windows Update. It’s also recommended to only print files from trusted sources and consider disabling direct printing if possible in your environment. Staying on top of patches is one of the best ways to defend against vulnerabilities like this one.

References