diff --git a/rules/windows/builtin/win_exploit_cve_2021_1675_printspooler.yml b/rules/windows/builtin/win_exploit_cve_2021_1675_printspooler.yml
index cb606839c..dd9c2ac35 100644
--- a/rules/windows/builtin/win_exploit_cve_2021_1675_printspooler.yml
+++ b/rules/windows/builtin/win_exploit_cve_2021_1675_printspooler.yml
@@ -17,11 +17,13 @@ logsource:
 service: printservice-admin
 detection:
 selection:
- EventID:
+ EventID:
 - 808 # old id
 - 4909 # new id
- ErrorCode: '0x45A'
- keywords:
+ ErrorCode:
+ - '0x45A'
+ - '0x7e'
+ keywords:
 - 'The print spooler failed to load a plug-in module'
 # default file names used in PoC codes
 - 'MyExploit.dll'
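Review bot: The new `'0x7e'` entry under `ErrorCode` carries no comment explaining why it was added, and it is a far more generic code than `'0x45A'`: 0x7e is ERROR_MOD_NOT_FOUND, which can plausibly also be logged when a legitimate driver or plug-in file is simply missing or broken. I would annotate both values the way the EventID list already is, `- '0x45A' # ERROR_DLL_INIT_FAILED` and `- '0x7e' # ERROR_MOD_NOT_FOUND`, and extend the rule's false-positive notes to mention failed benign driver loads. The detection block continues outside the hunk, so it cannot be checked from here whether the condition ties `ErrorCode` to the plug-in-module keywords; if it does not, the added value likely widens the rule noticeably and the level may need a second look. This is the only hunk in the diff, so any `modified` date in the rule header is left as it was and should be bumped with this change.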