PT-2022-2242 · Microsoft · Windows

Bughunter010 · Published 2022-04-12 · Updated 2026-01-30 · CVE-2022-26809

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Microsoft Windows (affected versions not specified)

Description

The issue is in the Remote Procedure Call Runtime in Microsoft Windows and is caused by improper control of code generation (code injection). This allows a remote attacker to execute arbitrary code. The estimated number of potentially affected devices worldwide is not provided. There have been reports of real-world incidents where this issue was exploited.

The attack can be performed remotely without authentication and may lead to remote code execution (RCE) with the privileges of the RPC service.

Recommendations

To resolve the issue, apply the patch released by Microsoft for the vulnerability. As a temporary workaround, consider blocking port 445 on the network perimeter and configuring SMB protection settings according to the manual. Restrict access to the RPC endpoint to minimize the risk of exploitation. Avoid using vulnerable RPC components until the issue is resolved.

Exploit

Fix

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2022-02340
CVE-2022-26809

Affected Products

Windows