TL;DR; there was a local privilege escalation bug in Print Spooler (fixed yesterday). The article calls it "Stuxnet's Legacy" because Stuxnet hit the same component. But Stuxnet bug was a remote code execution (10 years ago).
TL;DR; There are undisclosed unpatched CVEs pending for Windows Print Spooler services.
From the article: "The [researchers] also said that they had found and disclosed some other bugs in the same are that have not yet been patched “so there’s definitely still some dragons hiding.”"
