Microsoft has released security update guidance for CVE-2026-33825, a critical remote code execution flaw in the Windows Print Spooler service affecting Windows Server 2022, Azure Stack HCI, and Windows 11 systems. Immediate patching or mitigation is advised.
Microsoft has issued urgent guidance for CVE-2026-33825 affecting multiple Windows platforms. The vulnerability carries a CVSS base score of 9.8 indicating critical severity. Remote code execution is possible without authentication.
The flaw resides in the Windows Print Spooler service when it processes specially crafted print jobs over SMB. An attacker can send malicious payloads to trigger arbitrary code execution on the target system. Affected products include Windows Server 2022 versions 21H2 and 22H2, Azure Stack HCI 22H2 and 23H2, and Windows 11 22H2 when the Print Spooler service is enabled.
Mitigation steps are straightforward. Apply the out-of-band security update released August 13 2026 via Windows Update WSUS or Microsoft Endpoint Configuration Manager. If immediate patching is not feasible disable the Print Spooler service or block inbound SMB traffic from untrusted networks. Refer to knowledge base article KB5021234 for detailed instructions.
Timeline shows Microsoft first received the vulnerability report through MSRC on July 20 2026. The security update was released on August 13 2026 followed by public disclosure. Exploit attempts were observed in the wild beginning August 15 2026 indicating active threat activity.
For further details consult the following resources:
- Microsoft Security Response Center: https://msrc.microsoft.com
- CVE-2026-33825 entry in the National Vulnerability Database: https://nvd.nist.gov/vuln/detail/CVE-2026-33825
- Microsoft Security Update Guide for CVE-2026-33825: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33825
Comments
Please log in or register to join the discussion