Security-Advanced-Threat-Protection-Microsoft

Last week was Microsoft’s April 2022 Patch Tuesday, bringing 117 security fixes across the company’s platforms. Among them was CVE-2022-26809, a vulnerability in Remote Procedure Call (RPC) that has the potential to be very dangerous.

In fact, Microsoft says the flaw in Remote Procedure Call is rated 9.8 out of ten, making it a critical issue. According to the company, the problem would provide exploit possibilities for threat actors.

Microsoft is urging enterprise customers to get the patch Tuesday release to fix the flaw. If left unpatched, it leaves Windows servers potentially open to attack. If successful, an exploit would give the hacker access to the internal systems on a machine by bypassing authentication.

Advertisement

Patch Tuesday

On the official document for the vulnerability, Microsoft describes ways to mitigate the issue:

“1. Block TCP port 445 at the enterprise perimeter firewall

TCP port 445 is used to initiate a connection with the affected component. Blocking this port at the network perimeter firewall will help protect systems that are behind that firewall from attempts to exploit this vulnerability. This can help protect networks from attacks that originate outside the enterprise perimeter. Blocking the affected ports at the enterprise perimeter is the best defense to help avoid Internet-based attacks. However, systems could still be vulnerable to attacks from within their enterprise perimeter.

  1. Follow Microsoft guidelines to secure SMB traffic

Secure SMB Traffic in Windows Server.”

Of course, it is arguably best practice to download and install the entire April 2022 Patch Tuesday package. However, there is a long history of patches released during the rollup to cause problems of their own, whether that be additional security holes or poor performance of the patched service.

Tip of the day: The Windows Clipboard history feature provides the functionality across device, space, and time, letting you copy on one computer and paste the text days later on a different PC. All of it is possible via the Windows 10 clipboard manager, which lets you view, delete, pin, and clear clipboard history at will.

In our tutorial we show you how to enable the feature, clear clipboard history, and enable/disable clipboard sync to meet your preferences. You can also create a clear clipboard shortcut for quick removal of stored content.

Advertisement