CVE-2024-38137

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 362
CWE ID 416
CWE ID 591

Summary

CVE-2024-38137 is a newly disclosed vulnerability affecting the Windows Resource Manager's Print Spooler Service Extension. This issue grants attackers elevated privileges, enabling them to execute code with higher system access. An attacker could exploit this vulnerability through a specially crafted print job, potentially leading to a significant security compromise. The Print Spooler Service is a critical Windows component, making this vulnerability particularly dangerous if exploited successfully. Microsoft is currently working on a patch to address this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows 11
  • Microsoft Windows

Affected Vendors

  • Microsoft