Microsoft has again confirmed a zero-day vulnerability related to the Print Spooler utility, despite recently released security fixes for the spooler.

Not to be confused with the original PrintNightmare vulnerability or the other recent Print Spooler exploit, this new bug could allow a local attacker to gain system privileges. Microsoft is still investigating the bug, known as CVE-2021-36958, so it has not yet been able to verify which Windows versions are affected. It also has not yet announced when it will release a security update, but says that fixes are typically released monthly.

According to BleepingComputer, the reason that Microsoft's recent security updates don't help is an oversight regarding administrative privileges. The exploit involves copying a file that opens a command prompt and a printer driver, and administrative privileges are needed to install a new printer driver.

However, the new updates only require administrator privileges for driver installation: if the driver is already installed, there is no such requirement. If the driver is already installed on a client computer, an attacker only needs to connect to a remote printer to gain full access to the system.