According to security researcher Rancho Han at Singular Security, the problem specifically exists in an old and barely known component in Windows kernel called user mode print driver (UMPD).
The driver consists of two main components: a printer graphics dynamic link library (DLL) that assists the graphics device interface in rendering a print job and sending the job to the print spooler; and a printer interface DLL that the spooler uses to notify the driver of print-related events, Han said in his Black Hat presentation.
The problem exists in the interaction between the UMPD and certain Windows kernel functions. According to Han, when a user initiates some kinds of print-related functions, the UMPD interacts with the graphics engine and receives what are known as callbacks from the kernel. The manner in which the interaction takes places gives attackers an opportunity to insert malicious code into the process, which is then executed at the Windows kernel level.