How To Fix CVE-2022-26809- A Critical RCE Vulnerability In Windows RPC Runtime

Microsoft’s April Patch Tuesday brings several vulnerability fixes, including CVE-2022-26809, a critical remote code execution vulnerability in the Windows Remote Procedure Call Runtime library impacting all supported Windows products. This vulnerability is raising concerns among security researchers due to its widespread potential. Therefore, Organizations need to implement Windows security updates as soon as possible. This article will discuss how to Fix CVE-2022-26809, a critical RCE Vulnerability in Windows RPC Runtime.

What Is Windows RPC Runtime?

Microsoft Remote Procedure (RPC) is a robust technology to create distributed client/server programs. RPC run-time libraries and stubs manage most processes related to network protocols and communication. It enables you to focus on application details despite network details.

Summary Of CVE-2022-26809

CVE-2022-26809 is a vulnerability in Remote Procedure Call Runtime. An unauthentic remote attacker could exploit it by sending a specially crafted RPC call to the RPC host. Successful exploitation of this vulnerability could result in remote code execution on the server-side with similar permissions as the RPC service.

Microsoft evaluates that CVE-2022-26809 has a low attack complexity and needs no privileges and no user interaction. These features could make the vulnerability potentially wormable. However, Microsoft has not confirmed it yet at the time of publication.

Windows Products Vulnerable To CVE-2022-26809

The following platforms are affected by the CVE-2022-26809.

Microsoft Windows Server

• Windows Server 2022 (server Core installation)
• Windows Server 2022
• Windows Server version 20H2 (Server Core installation)
• Windows Server 2019 (Server Core Installation)
• Windows Server 2016 (Server Core installation)
• Windows Server 2016
• Windows Server 2012 R2 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 (Server Core installation)
• Windows Server 2012
• Windows Server 2008 R2 for x64-based System Service Pack 1 (Server Core installation)
• Windows Server 2008 R2 for x64-based System Service Pack 1
• Windows Server 2008 for x64-based System Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based System Service Pack 2
• Windows Server 2008 for 32-bit System Service Pack 2 (Server Core Installation)
• Windows Server 2008
• Windows Server 2008 R2 for 32-bit System Service Pack 2 

Microsoft Windows Server

• Windows Server 2022 (server Core installation)
• Windows Server 2022
• Windows Server version 20H2 (Server Core installation)
• Windows Server 2019 (Server Core Installation)
• Windows Server 2016 (Server Core installation)
• Windows Server 2016
• Windows Server 2012 R2 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 (Server Core installation)
• Windows Server 2012
• Windows Server 2008 R2 for x64-based System Service Pack 1 (Server Core installation)
• Windows Server 2008 R2 for x64-based System Service Pack 1
• Windows Server 2008 for x64-based System Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based System Service Pack 2
• Windows Server 2008 for 32-bit System Service Pack 2 (Server Core Installation)
• Windows Server 2008
• Windows Server 2008 R2 for 32-bit System Service Pack 2

• Windows 11 for ARM64-based Systems
• Windows 11 for x64-based Systems
• Windows 10 Version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for 32-bit Systems
• Windows 10 Version 21H2 for x64-based Systems
• Windows 10 Version 21H1 for ARM64-based Systems
• Windows 10 Version 21H1 for 32-bit Systems
• Windows 10 Version 21H1 for x64-based Systems
• Windows 10 Version 20H2 for ARM64-based Systems
• Windows 10 Version 20H2 for 32-bit Systems
• Windows 10 Version 20H2 for x64-based Systems
• Windows 10 Version 1909 for ARM64-based Systems
• Windows 10 Version 1909 for x64-based Systems
• Windows 10 Version 1909 for 32-bit Systems
• Windows 10 Version 1809 for ARM64-based Systems
• Windows 10 Version 1809 for x64-based Systems
• Windows 10 Version 1809 for 32-bit Systems
• Windows 10 Version 1607 for x64-based Systems
• Windows 10 Version 1607 for 32-bit Systems
• Windows 10 for x64-based Systems
• Windows 10 for 32-bit Systems
• Windows RT 8.1
• Windows 8.1 for x64-based systems
• Windows 8.1 for 32-bit systems
• Windows 7 for x64-based Systems Service Pack 1
• Windows 7 for 32-bit Systems Service Pack 1

How To Fix CVE-2022-26809- A Critical RCE Vulnerability In Windows RPC Runtime?

However, RPC leverages various security mechanisms and controls, following mitigations based on Microsoft’s official advisories are recommended.

1. Apply the latest security updates to mitigate these vulnerabilities.
2. RPC is required for devices used by the system. It is recommended to block traffic to TCP port 445 for services outside the enterprise perimeter.
3. Limit the lateral movement by enabling incoming TCP port 445 only to machines where it is required, such as print servers, domain controllers, file servers, etc.

Affected organizations are required to check the Microsoft April 2022 Security Update Summary and apply relevant patches. Get more details about CVE-2022-26809 here.

We hope this post will help you know How to Fix CVE-2022-26809- A Critical RCE Vulnerability in Windows RPC Runtime. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this. 

• 12 Signal Privacy Settings
• Install Windows 11 On VMWare
• What Is New In Windows 11 And When Is The Official Release?
• Step By Step Procedure To Run Windows On Mac For Free!
• What Is Remote Code Execution? How To Prevent Remote Code Execution?