Q2 Quarterly Threats and Vulnerabilities Report 2021

Pint Sevices Under Attack

In late June 2021, repots regarding a citical vulnerability in the Windows Pint Spooler sevice were validated and Microsoft released multiple updates to address the vulnerability (CVE-2021-34527).

This vulnerability pemitted a remote attacker to compromise a vulnerable system, and at the time of release the vulnerability was already being publicly exploited.

Help AG, alongside many in the cybersecuity community, noted that the patches were impotant. However, on vulnerable systems, attackers could still gain a foothold if cetain settings were not present.