Microsoft Windows Print Spooler Components Security Update (MS16-087)

The Print Spooler service is an executable file that is installed as a service. The spooler is loaded when the operating system starts, and it continues to run until the operating system is shut down. The Print Spooler service manages the printing process, which includes such tasks as retrieving the location of the correct printer driver, loading that driver, spooling high-level function calls into a print job and scheduling print jobs.

The security update resolves the following issues.
- A remote code execution vulnerability exists when the Windows Print Spooler service does not properly validate print drivers while installing a printer from servers. (CVE-2016-3238)

- An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. (CVE-2016-3239)

Affected Software:
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8.1 for 32-bit Systems
Windows 8.1 for 64-bit Systems
Windows Server 2012
Windows Server 2012 R2
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for 64-bit Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for 64-bit Systems
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)

This security update is rated Critical for all supported editions.

An attacker who successfully exploited this vulnerability could use it to execute arbitrary code and take control of an affected system.

Refer to MS16-087 for more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

MS16-087: Windows Vista Service Pack 2

MS16-087: Windows Vista x64 Edition Service Pack 2

MS16-087: Windows Server 2008 for 32-bit Systems Service Pack 2

MS16-087: Windows Server 2008 for x64-based Systems Service Pack 2

MS16-087: Windows Server 2008 for Itanium-based Systems Service Pack 2

MS16-087: Windows 7 for 32-bit Systems Service Pack 1

MS16-087: Windows 7 for x64-based Systems Service Pack 1

MS16-087: Windows Server 2008 R2 for x64-based Systems Service Pack 1

MS16-087: Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

MS16-087: Windows 8.1 for 32-bit Systems

MS16-087: Windows 8.1 for x64-based Systems

MS16-087: Windows Server 2012

MS16-087: Windows Server 2012 R2

MS16-087: Windows 10 for 32-bit Systems

MS16-087: Windows 10 for x64-based Systems

MS16-087: Windows 10 Version 1511 for 32-bit Systems

MS16-087: Windows 10 Version 1511 for x64-based Systems