CVE-2022-26809 - Vulnerability in Windows RPC

1 Posts
1 Users
0 Likes
21 Views
b.lepeuple
(@b-lepeuplearcinfo-com)
Posts: 149
Estimable Member
Topic starter
 

Hi,
A Windows vulnerability is making the head lines.
It is referred to as CVE-2022-26809 - Remote Procedure Call Runtime Remote Code Execution Vulnerability
More information can be found at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809

This vuln is considered serious because it is 'wormable' - No need for authentication, no need for user interaction, any exposed RPC host may be subject to exploitation.
Microsoft rolled out a patch for a long list of operating systems on April 12th.

If you get questions from customers about it, we (of course) recommend patching.

Best regards
Benoît

 
Posted : 27/04/2022 4:07 pm