Hundreds of millions of Windows computers have a problem caused by a faulty printer driver. The resulting weakness can be exploited for an outside takeover of the system. The bug is in code that came from HP but is also used by Samsung and Xerox devices. The bug had been in the software for years before it was discovered. According to an analysis by security researchers at SentinelOne the vulnerability in the driver versions can be traced back as much as 16 years. Apparently the vulnerability, which is now as CVE-2021-3438 registered, not previously discovered by criminals and there is currently no evidence of active abuse.
However, the vulnerability is classified as serious, mainly because of the possibilities it offers an attacker. With the right exploit, it is possible to smuggle and execute remote code through security products such as virus scanners. And since drivers often work with relatively extensive authorizations, the options are not limited to the rights of the currently active user. According to SentinelOne, code can even be run with system privileges, making the entire kernel vulnerable.
Such printer driver errors are of particular interest to attackers because they are usually loaded directly during the boot process and are always active. So no further steps are needed to, for example, get malware on a computer. Patches are already provided by the manufacturers, all users of printers of the mentioned brands should ensure that a driver update is performed:
Source: Hardware Info Compleet by nl.hardware.info.
*The article has been translated based on the content of Hardware Info Compleet by nl.hardware.info. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!