西北农林科技大学信息化管理处（网络与教育技术中心）-全讯官网

一、漏洞概述

微软在2021年6月的安全更新中修复了其windows操作系统后台打印服务windows print spooler的远程代码执行漏洞（cve-2021-1675），windows print spooler管理所有本地和网络打印队列，控制所有打印工作。攻击者利用该漏洞可绕过安全检查在目标设备上安装恶意驱动程序。鉴于漏洞危害较大且相关漏洞利用代码已公开，建议相关用户尽快采取措施进行防护。

二、影响范围

windows server 2012 r2 (server core installation)

windows server 2012 r2

windows server 2012 (server core installation)

windows server 2012

windows server 2008 r2 for x64-based systems service pack 1 (server core installation)

windows server 2008 r2 for x64-based systems service pack 1

windows server 2008 for x64-based systems service pack 2 (server core installation)

windows server 2008 for x64-based systems service pack 2

windows server 2008 for 32-bit systems service pack 2 (server core installation)

windows server 2008 for 32-bit systems service pack 2

windows rt 8.1

windows 8.1 for x64-based systems

windows 8.1 for 32-bit systems

windows 7 for x64-based systems service pack 1

windows 7 for 32-bit systems service pack 1

windows server 2016 (server core installation)

windows server 2016

windows 10 version 1607 for x64-based systems

windows 10 version 1607 for 32-bit systems

windows 10 for x64-based systems

windows 10 for 32-bit systems

windows server, version 20h2 (server core installation)

windows 10 version 20h2 for arm64-based systems

windows 10 version 20h2 for 32-bit systems

windows 10 version 20h2 for x64-based systems

windows server, version 2004 (server core installation)

windows 10 version 2004 for x64-based systems

windows 10 version 2004 for arm64-based systems

windows 10 version 2004 for 32-bit systems

windows 10 version 21h1 for 32-bit systems

windows 10 version 21h1 for arm64-based systems

windows 10 version 21h1 for x64-based systems

windows 10 version 1909 for arm64-based systems

windows 10 version 1909 for x64-based systems

windows 10 version 1909 for 32-bit systems

windows server 2019 (server core installation)

windows server 2019

windows 10 version 1809 for arm64-based systems

windows 10 version 1809 for x64-based systems

windows 10 version 1809 for 32-bit system

三、防护措施

已开启windows自动更新的系统会自动安装补丁，无需手动更新升级。未开启自动更新的计算机及所有windows服务器按照以下方法做好防护。

1.安装补丁

目前，微软官方已针对支持的系统版本发布了修复该漏洞的安全补丁，官方补丁下载地址：。

由于网络问题、计算机环境问题等原因，windows update的补丁更新可能出现失败。用户在安装补丁后，应及时检查补丁是否成功更新。

右键点击windows图标，选择“设置”，选择“更新和安全”-“windows更新”，查看该页面上的提示信息，也可点击“查看更新历史记录”查看历史更新情况。

针对未成功安装的更新，可点击更新名称跳转到微软官方下载页面，建议用户点击该页面上的链接，转到“microsoft更新目录”网站下载独立程序包并安装。

2.临时应对措施

若无法成功安装补丁，则可通过禁用print spooler服务来进行缓解：

（1）单击windows图标或搜索框，搜索“services.msc”，在服务应用中找到print spooler服务。

（2）双击“print spooler”，停止运行服务，同时将“启动类型”修改为“禁用”。