Microsoft has announced a critical vulnerability, Remote Procedure Call Runtime Remote Code Execution with a CVSS score of 9.8.

This vulnerability affects Windows desktop, and server products running RPC (Remote Procedure Call) which allows an attacker to send specially crafted RPC calls to an RPC host. This results in remote code execution on the server allowing the same permissions as the RPC service.

We strongly recommend applying Microsoft’s latest Patch Tuesday update as soon as possible to minimise any risk.

Please refer to their advisory for more information, or call our Customer Support team on 0800 LEARNING.