Does anybody know what Rapid7 changed in Microsoft Windows: CVE-2021-34527: Windows Print Spooler Remote Code Execution Vulnerability?
Hi @hhwanea,
we had the same issue, CVE-2021-34527 reintroduced - InsightVM - Rapid7 Discuss.
I guess the detection for the registry keys were added to the vulnerability. After we changed the reg keys according to KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates - Microsoft Support, InsightVM showed the vulnerability as remediated.
Kind regards,
Julian
Thank you for replying back. I was wondering if Windows 11 devices were impacted for you? We only see Windows 10 devices being flagged even though both Windows 10 and 11 have the same registry settings