Old vulnerabilities die hard: researchers uncover 20-year-old code in Windows Print Spooler
Every Microsoft Windows operating system has a file that manages commands to print documents. It is ubiquitous to the point of going unnoticed. But when researchers from security firm SafeBreach took a closer look at the file, which is called a Print Spooler Service, they noticed that some of the code is two decades old. A denial of service vulnerability the researchers reported earlier this year, which crashes the spooler service, worked not on only Windows 10, the latest operating system, but also on Windows 2000. It’s a glaring example of the old code that is bequeathed to popular software programs we take for granted. But the researchers weren’t done dissecting the spooler service. “We got intrigued, so we continued to dive in,” said Peleg Hadar, senior security researcher at SafeBreach Labs. They found another bug in the spooler service that could allow an attacker to gain system privileges on […]
The post Old vulnerabilities die hard: researchers uncover 20-year-old code in Windows Print Spooler appeared first on CyberScoop.