VULHUB ™

The spooler service (spoolss.exe) allows local users to add their own dll files and have the spooler run them at SYSTEM level. This could lead to privilege escalation all the way up to Administrator level. The problem is in the function AddPrintProvider().

The spooler service (spoolss.exe) allows local users to add their own dll files and have the spooler run them at SYSTEM level. This could lead to privilege escalation all the way up to Administrator level. The problem is in the function AddPrintProvider().