CVE-2021-40447: 
vulnerability analysis and mitigation

Windows Print Spooler Elevation of Privilege Vulnerability (CVE-2021-40447) was disclosed on September 2, 2021, affecting various versions of Microsoft Windows operating systems. This vulnerability is one of multiple Print Spooler-related security issues discovered in 2021, and it is distinct from similar vulnerabilities CVE-2021-38667 and CVE-2021-38671 (MITRE CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access is required with low attack complexity. The vulnerability is classified under CWE-269 (Improper Privilege Management). The CVSS v2.0 base score is 4.6 (Medium) with the vector (AV:L/AC:L/Au:N/C:P/I:P/A:P) (NVD).

This elevation of privilege vulnerability in the Windows Print Spooler service could allow an attacker with local access to gain higher privileges on the affected system. The vulnerability affects multiple Windows versions including Windows 10, Windows 7 SP1, and Windows 8.1 (NVD).

Microsoft has released security updates to address this vulnerability as part of their September 2021 Patch Tuesday updates. Users and administrators are strongly advised to apply the security updates immediately to protect their systems (Hacker News).