image credit: pixabay
Among the over 100 vulnerabilities fixed by Microsoft this week during its monthly patch cycle is one that has the security community very worried. It’s a critical remote code execution (RCE) vulnerability located in the Windows Remote Procedure Call (RPC) runtime.
The flaw, tracked as CVE-2022-26809, can be exploited over the network with no user interaction, possibly using multiple protocols as a trigger. It’s the kind of vulnerability that gave life to major botnets in the past as some Windows processes use RPC to communicate with each other over networks.
Comments are closed.
