VULHUB ™

NIPrint runs as a service, with SYSTEM privileges, by default. It is accessible to all users locally through an icon in the taskbar. According to the report, the "help" system used by NIPrint can invoke Explorer as SYSTEM. An attacker can, in turn, use Explorer to run commands with administrative privileges. This vulnerability may be an instance of the general issue described in BID 8884.

NIPrint runs as a service, with SYSTEM privileges, by default. It is accessible to all users locally through an icon in the taskbar. According to the report, the "help" system used by NIPrint can invoke Explorer as SYSTEM. An attacker can, in turn, use Explorer to run commands with administrative privileges. This vulnerability may be an instance of the general issue described in BID 8884.