CVE-2021-36936: 
vulnerability analysis and mitigation

Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-36936) was disclosed in August 2021 as part of Microsoft's ongoing investigation into Print Spooler vulnerabilities. This vulnerability affects Windows Print Spooler service, which is enabled by default on domain controllers, desktops, and servers (Arctic Wolf).

The vulnerability has received a CVSS v3.1 base score of 9.8 (CRITICAL) from NIST with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, while Microsoft assigned it a slightly lower score of 8.8 (HIGH) with a vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

As a Remote Code Execution (RCE) vulnerability, successful exploitation could allow attackers to execute unauthorized code on affected systems with elevated privileges. The vulnerability affects multiple versions of Windows, including Windows 10, Windows 7 SP1, and Windows 8.1 (NVD).

Microsoft released security patches for this vulnerability as part of their August 2021 Patch Tuesday updates. It is strongly recommended to apply these patches as soon as possible to protect against potential exploitation (Arctic Wolf).

This vulnerability was part of a series of Print Spooler vulnerabilities that Microsoft had been addressing since June 2021, including the notorious PrintNightmare vulnerability. The discovery of CVE-2021-36936 demonstrated Microsoft's continued efforts to identify and patch security issues in the Print Spooler service (Krebs on Security).