CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS Institute

Channel:

SANS Institute

Subscribers:

64,000

Published on April 18, 2022 12:14:07 AM ● Video Link: https://www.youtube.com/watch?v=fQ06VUq3kd8

Duration: 59:05

6,944 views

107

On Tuesday, April 12th, Microsoft released patches for CVE-2022-26809, reportedly a zero-click exploit targeting Microsoft RPC services. At the time of the publication of this abstract, there is no proof of concept available in the wild. However, based on the rating that exploitation is "more likely" we expect this won't last long. In this webcast, we'll discuss:

- Background on Microsoft RPC (so you can talk intelligently about it)
- Where the vulnerability lies within rpcrt4.dll
- Steps you can take to limit exploitation
- Logging to enable that is likely to capture exploitation attempts

SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.

Other Videos By SANS Institute

2022-04-26	Amp Up Your Career: Careers in Energy and Critical Infrastructure Cybersecurity
2022-04-25	Sitting at the Big Table: Experiences as a First-Time Information Security Officer
2022-04-24	5 Things in 20 Minutes
2022-04-23	Networking 101: Introverts Only
2022-04-22	Hacking Your Mind: Como começar e continuar a evoluir
2022-04-22	From Rookie to Rockstar: Kickstart Your Career as a SOC Analyst
2022-04-21	Cómo los Efectos Visuales me empujan a la ciberseguridad
2022-04-21	Finding Cybersecurity: A Practitioner's Path to Success
2022-04-20	Fast-Track Your Cybersecurity Career
2022-04-19	Reality Check: An Honest Look at Cybersecurity Jobs
2022-04-17	CVE-2022-26809 MS-RPC Vulnerability Analysis - SANS Institute
2022-04-13	Hiring and Mentoring in 2022 \| Seat at the Table
2022-04-07	Black Swans, Gray Rhinos, and Pink Elephants: Why We Should Think More Slowly About Cybersecurity
2022-04-06	Technologies Disrupting Financial Audit Process
2022-03-30	Burnout and Employee Well Being
2022-03-24	Critical Infrastructure Protection– Part 4 of 4 SANS Emerging Cyber Guidance to Ukraine-Russia War
2022-03-24	Cyber Defense & Threat Hunting – Part 3 of 4 SANS Emerging Cyber Guidance to the Ukraine-Russia War
2022-03-24	Open Source Intelligence – Part 2 of 4 SANS Emerging Cyber Guidance to the Ukraine-Russia War
2022-03-24	Russia’s Cyber Capabilities – Part 1 of 4 SANS Emerging Cyber Guidance to the Ukraine-Russia War
2022-03-22	Numeric Conversions \| Decimal, Binary & Hexadecimal
2022-03-18	Emerging Cyber Guidance to the Ukraine-Russia War

Tags:

sans institute

information security

cyber security

cybersecurity

information security training

cybersecurity training

cyber security training

CVE-2022_26809

Microsoft Patch

Microsoft RPC services

Channel	Latest
ChratosGameplay	6 hours ago
KreekCraft	6 hours ago
Domtendo	7 hours ago
Sirloin	7 hours ago
Marstead	7 hours ago
YumiYT	7 hours ago
Singeferno	7 hours ago
Matt212 Clips	7 hours ago
NintendoGamerGuide	7 hours ago
Cole Calamello Ch.	7 hours ago
Dizowskyy	7 hours ago
LadyShelab	7 hours ago
DooM49	7 hours ago
Alex Gillon	7 hours ago
Marcy	7 hours ago
Proximus Prime	8 hours ago
Gryphox: Tails_155, ShinMajin and Pals	8 hours ago
Quasimofo	8 hours ago
Scroft	8 hours ago
ZGF Gaming	8 hours ago
Studio MagicA	8 hours ago
B-Lo	8 hours ago
Nubbz3	8 hours ago
PartyCow2000	8 hours ago
Gameplay Sharks	8 hours ago