The flaw can be exploited to consume all available memory

Dec 4, 2006 15:14 GMT

Secunia has reported a zero-day vulnerability affecting Microsoft Windows 2000. So far, successful exploitation of the flaw has only been shown to allow denial-of-service attacks. Consequently, Secunia has labeled the vulnerability "Less critical."

Microsoft has not commented on the situation in any way, and the Redmond company has yet to produce a fix for the vulnerability. The earliest Microsoft can issue a security bulletin addressing it is December 12, as part of the company's monthly patch cycle. Since the vulnerability allows only a DoS attack with few repercussions, it is also possible that Microsoft will patch it in January 2007.

"The vulnerability is caused due to an error in the handling of 'RpcGetPrinterData()' RPC requests within the Print Spooler service (spoolsv.exe). This can be exploited to consume almost all available memory via a specially crafted packet, which may result in a system crash. The vulnerability is confirmed on a fully patched Windows 2000 SP4 system. Other versions may also be affected," revealed Secunia.

Currently, the only viable workaround is to restrict access to the Print Spooler service or to disable the service completely.