CVE-2022-26809 MS-RPC Vulnerability Analysis

  • Friday, 15 Apr 2022 11:00AM EDT (15 Apr 2022 15:00 UTC)
  • Speaker: Jake Williams

On Tuesday, April 12th, Microsoft released patches for CVE-2022-26809, reportedly a zero-click exploit targeting Microsoft RPC services. At the time of the publication of this abstract, there is no proof of concept available in the wild. However, based on the rating that exploitation is "more likely" we expect this won't last long. In this webcast, we'll discuss: 

  • Background on Microsoft RPC (so you can talk intelligently about it) 
  • Where the vulnerability lies within rpcrt4.dll 
  • Steps you can take to limit exploitation
  • Logging to enable that is likely to capture exploitation attempts

Join us to prepare for what's likely coming. 

Of course, if exploitation begins before this webcast we'll cover that too.