Protect Your Printer: Microsoft PostScript and PCL6 Printer Drivers Vulnerable

CVECVE-2023-21801
CVSScvssV3_1: 7.8
SourceCVE-2023-21801

Microsoft PostScript and PCL6 printer drivers were found to have a remote code execution vulnerability. These printer drivers are software that allows printing to PostScript and PCL6 compatible printers from Windows devices.

Attackers could exploit this vulnerability by sending a specially crafted print job file. When the vulnerable printer driver opens this file, it could allow the attacker to run arbitrary code on the targeted system with elevated privileges. This would give the attacker full control of the affected computer.

The vulnerability has been given a CVSS score of 7.8, making it a highly critical issue. Attackers need no authentication to exploit systems, increasing the risk. Systems using an affected printer driver are at risk of remote takeover without user interaction if exploited.

To protect yourself, make sure your Microsoft printer drivers are updated to the latest version. Microsoft has released updates to address this vulnerability, so ensuring automatic updates are enabled helps stay protected. You should also consider uninstalling any unnecessary printer drivers. Being vigilant of suspicious print jobs can also help reduce risk by not interacting with anything suspicious sent to your printer.

References