A remote code execution vulnerability affects multiple Windows versions. Microsoft has released a security update to address CVE-2026-27144, rated Critical with a CVSS v3.1 score of 9.8. Users should apply the patch immediately.
The flaw exists in the Windows Print Spooler service and allows remote code execution on affected systems.
Affected products include Windows 10 version 22H2, Windows 11 version 23H2, and Windows Server 2022. Systems running these versions are at risk if the Print Spooler service is enabled.
According to the Microsoft Security Response Center, the CVSS v3.1 base score is 9.8, indicating Critical severity. The attack vector is network-based, requires no user interaction, and can lead to full system compromise.
Technical details show that an unauthenticated attacker can send specially crafted print jobs to trigger a buffer overflow. Successful exploitation permits arbitrary code execution with SYSTEM privileges.
Microsoft recommends applying the security update released on October 8, 2024. The update is available through Windows Update, Microsoft Update Catalog, and WSUS.
Administrators should verify installation of KB5044380 for Windows 10, KB5044379 for Windows 11, and KB5044381 for Windows Server 2022.
As a temporary mitigation, disabling the Print Spooler service reduces risk until the patch can be applied. This step may impact printing functionality.
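The KB check and the Print Spooler mitigation described above, as a PowerShell script; this is an added example, not code from Microsoft or the advisory. The KB numbers are the ones listed above; the build-number mapping (19045, 22631, 20348) and the `-DisableSpooler` switch name are assumptions of this example.

```powershell
# Added example. KB numbers come from the advisory text; the build numbers are the
# usual builds for those releases and are an assumption of this script.
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$DisableSpooler   # hypothetical switch: apply the temporary mitigation
)

$kbByBuild = @{
    '19045' = 'KB5044380'   # Windows 10 version 22H2
    '22631' = 'KB5044379'   # Windows 11 version 23H2
    '20348' = 'KB5044381'   # Windows Server 2022
}

$os      = Get-CimInstance -ClassName Win32_OperatingSystem
$kb      = $kbByBuild[[string]$os.BuildNumber]
$spooler = Get-Service -Name Spooler -ErrorAction SilentlyContinue

$patched = $null
if ($kb) {
    # Get-HotFix lists only updates that are currently installed. A later cumulative
    # update supersedes this KB, so False means "check the installed build revision",
    # not necessarily "vulnerable".
    $patched = [bool](Get-HotFix -Id $kb -ErrorAction SilentlyContinue)
}

# One row per host, suitable for Export-Csv when run across a fleet.
[pscustomobject]@{
    Computer       = $env:COMPUTERNAME
    OS             = $os.Caption
    Build          = $os.BuildNumber
    ExpectedKB     = if ($kb) { $kb } else { 'not listed in advisory' }
    KBInstalled    = $patched
    SpoolerStatus  = if ($spooler) { $spooler.Status } else { 'not present' }
    SpoolerStartup = if ($spooler) { $spooler.StartType } else { $null }
}

# Temporary mitigation: stop and disable the Print Spooler, only on a listed build
# that does not show the KB. Honours -WhatIf and -Confirm.
if ($DisableSpooler -and $kb -and -not $patched -and $spooler) {
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Stop and disable Print Spooler')) {
        Stop-Service -Name Spooler -Force
        Set-Service -Name Spooler -StartupType Disabled
        Write-Warning 'Print Spooler disabled; printing is unavailable until it is re-enabled.'
    }
}
```

Run it from an elevated prompt; adding `-DisableSpooler -WhatIf` shows what would change without touching the service.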
For more information, see the Microsoft Security Update Guide entry for CVE-2026-27144. Direct link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27144
The MSRC advisory provides full details: https://msrc.microsoft.com/update-guide
Organizations should prioritize this update in their next patching cycle. Monitoring for unusual Print Spooler activity is advised.