CVE-2021-34481 - Windows Print Spooler Elevation of Privilege Vulnerability

Accepted Answer
-
Hi John,
Yes, F-Secure products protect against the vulnerability CVE-2021-34481. This DB was released at the end of the last week.
If any attacker would try to exploit this PrintNightmare (CVE-2021-34527) vulnerability, the DeepGuard feature present in all F-Secure endpoint products blocks this suspicious behavior with the detection Exploit:W32/SpoolSVLaunch.A!DeepGuard.
Microsoft has also updated their advisory and released an out-of-band patch for certain Windows version (Updates are not yet available for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012). One change after applying this patch is that non-admin will now only be able to install new signed printer drivers. Unsigned printer driver will require administrator rights to install successfully.