Update: Notice on Microsoft Windows Print Spooler Vulnerability
First published July 7, 2021
Date of current status July 21,2021
Ricoh is aware of the security vulnerability, commonly called "Print Nightmare," registered as CVE-2021-34527 and published by Microsoft (link) on July 1, 2021.
The vulnerability allows remote code execution by a standard Microsoft Active Domain user by exploiting vulnerabilities in the print spooler process used by all Microsoft operating systems. Ricoh print drivers are not directly affected by this vulnerability, however, because print drivers for Microsoft Windows operating systems make use of the printer spooler process, any potential mitigation might affect the ability to print or otherwise properly use print drivers.
The security and integrity of our customer's data and devices is of the utmost importance to Ricoh. In the light of Microsoft releasing security updates as of July 6, we advise our customers to refer to the Microsoft advisory page.
A further vulnerability related to the print spooler process (registered under CVE-2021-34481) has been confirmed by Microsoft. Again, we advise our customers to refer to the Microsoft advisory page.
Please note that a closely related vulnerability (registered under CVE-2021-1675) has been patched by Microsoft recently (link).
Updates will be provided as more information becomes available.