Microsoft releases patch for RCP vulnerability (why you need to act quickly)

We’re excited to bring Transform 2022 back to life on July 19th and virtually July 20-28. Join AI and data leaders for sensible conversations and exciting networking opportunities. Register today!


Earlier this week, Microsoft on Tuesday released 117 security patches for the April patch, including CVE-2022-26809, a CVSS 9.8 rated vulnerability in Remote Procedure Call (RPC) that allows attackers to send RPC calls to RPC hosts and execute code. . On a remote server.

“It could allow an attacker to run code with high privileges on the affected system,” said researchers from the CrowdStrike Falcon Spotlight team in a recent blog post. “This vulnerability can be used by the attacker for side movement. We recommend that your team test and use this patch as soon as possible. ”

For the enterprise, this vulnerability, if left unchecked, can make Windows servers vulnerable to compromise and enable hackers to breach internal systems without any authentication process.

As a result, Microsoft recommends that enterprises take immediate action to block TCP 445 on their perimeter firewall to prevent external attackers from taking advantage of vulnerabilities and to follow Microsoft guidelines for securing SMB traffic with segmentation and isolation techniques.

How to handle CVE vulnerabilities

While RCP vulnerabilities seem easy to patch and mitigate on the surface, historically, many organizations have struggled to organize a critical security patch until it’s too late.

In fact, research has shown that 61% of existing security vulnerabilities in corporate networks are older than 2016 or so, and that hackers used unpacked vulnerabilities to carry out some of the biggest cyber attacks in history, including the WannaCry ransomware attack in 2017.

One of the main reasons why organizations fail to deploy security patches is because there are too many to manage. In 2021 alone, there were 18,378 vulnerabilities with 3,646 high-risk vulnerabilities.

To mitigate such a large number of vulnerabilities, security teams struggle to measure if they do not have access to vulnerability management solutions.

These solutions are important because security analysts not only need to have the ability to identify vulnerabilities that exist throughout the environment, but also the ability to manage and prioritize them.

Weakness management market

As more and more organizations find it difficult to keep up with the growing list of vulnerabilities, vulnerability management solutions aim to provide automated solutions to identify vulnerabilities across the entire IT environment and prioritize their treatment.

These solutions are becoming so popular that researchers expect the global security and vulnerability management market, valued at .8 13.8 billion in 2020, to reach $ 18.7 billion by 2026 as more organizations look to automated solutions to manage and prioritize vulnerabilities on a scale.

One of the major providers in the market is CrowdStrike, which generated આવક 1.45 billion in revenue last year and offers a vulnerability management platform called Falcon Spotlight.

Falcon Spotlight provides enterprises with consistent vulnerability assessments throughout their environment, giving them the option to scan real-time or historically and filter through CVE vulnerabilities.

Competitors like Rapid7 with InsightVM, a solution that enables security teams to scan for vulnerabilities in endpoints, cloud and virtualized infrastructure, with real-time visualization of detected vulnerabilities and step-by-step solution guidance.

Rapid7 is currently in growth, reporting annual recurring revenue of $ 432.9 million, an increase of 28% year-on-year.

As a tool, InsightVM aims to differentiate itself from competitors by using host type, OS data and depth of vulnerability reporting on detected vulnerabilities, while CrowdStrike Falcon Spotlight emphasizes endpoint protection, allowing users to isolate high-risk endpoints. Makes.

Venturebeat’s mission Transformative Enterprise is about to become a digital town square for technology decision makers to gain knowledge about technology and transactions. Learn more about membership.

Similar Posts

Leave a Reply

Your email address will not be published.