A critical remote code execution flaw in the Windows Print Spooler affects Windows 10 Windows 11 and Windows Server versions. Microsoft has issued patches and advises immediate application.
Security Update Guide – CVE-2026-28532
Impact
A critical remote code execution flaw affects multiple Windows versions. Attackers can execute arbitrary code with system privileges by sending a specially crafted print job.
Technical Details
The vulnerability resides in the Print Spooler service handling of malformed metafile records. Successful exploitation requires authentication as a low-privilege user and allows elevation to NT AUTHORITY\SYSTEM. CVSS v3.1 base score is 9.8 Critical due to network attack vector low complexity and no user interaction.
Mitigation and Timeline
Microsoft released security updates on January 14 2026 that address CVE-2026-28532. Administrators should apply the patches via Windows Update or download them from the Microsoft Update Catalog. As a temporary workaround disable the Print Spooler service on systems where printing is not required. The advisory was published simultaneously with the patch release and includes links to detailed mitigation guidance. See the Microsoft Security Response Center page for full details.
Comments
Please log in or register to join the discussion