Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution
Description: This security update resolves three privately reported vulnerabilities in Windows Print Spooler. The most severe vulnerability could allow remote code execution if an affected server received a specially crafted RPC request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. The update addresses the vulnerabilities by changing the way the print spooler parses certain printing data structures, limiting the location where separator pages or embedded files can be read by the Windows Printing Service, and restricting the paths from which the print spooler can load a DLL.
Update type: Important
Release date: June 9, 2009
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/961501
- Buffer Overflow in Print Spooler Vulnerability – CVE-2009-0228
- Print Spooler Read File Vulnerability – CVE-2009-0229
- Print Spooler Load Library Vulnerability – CVE-2009-0230
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB961501.