This “zero-day” threat was found earlier this month and lets bad actors remotely execute code with system-level privileges. That’s just about as bad as things can get.
This attack basically means a cyber criminal can install software onto PCs including terrifying applications that keep a log of everything typed on the keyboard. If hit by the attack, users could find personal information such as banking details and passwords ending up in the wrong hands.
As Microsoft explains: “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Most bugs take Microsoft a while to fix but this update has been pushed out at a rapid rate due to the fact that users were already being target by it. You can find full details about the updates here with this latest patch named KB5004945.
Author: David Snelling
Read more here >>> Daily Express :: Tech