Microsoft releases patch for RCP vulnerability (why you need to act fast)

We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!

Earlier this week, Microsoft released 117 security patches for April’s Patch Tuesday, including CVE-2022-26809, a CVSS 9.8 vulnerability in Remote Procedure Call (RPC) that allows an attacker to send an RPC call to an RPC host. and run code on a remote server.

“It could allow an attacker to execute highly privileged code on an affected system,” CrowdStrike Falcon Spotlight Team researchers said in a recent blog post. “This vulnerability could be used by an attacker for lateral movement. We encourage your team to test and deploy this patch as soon as possible.”

For businesses, if left unpatched, this vulnerability could leave Windows servers vulnerable to compromise and allow a hacker to breach internal systems without any authentication process.

Therefore, Microsoft recommends that companies take immediate action to block TCP 445 on their perimeter firewall to prevent remote attackers from exploiting the vulnerability and to follow Microsoft guidelines to protect SMB traffic using segmentation and isolation techniques.

How to Scale to Manage CVE Vulnerabilities

While RCP’s vulnerability may seem easy to patch and mitigate at first glance, many organizations in the past have struggled to deploy critical security patches until it’s too late.

In fact, research shows that 61% of security vulnerabilities in corporate networks date from 2016 or even older, and hackers have used unpatched vulnerabilities to carry out some of the largest cyberattacks in history, including the WannaCry ransomware attack in 2017.

One of the main reasons organizations fail to deploy security patches is that there are too many to manage. In 2021 alone, 18,378 vulnerabilities were reported with 3,646 high-risk vulnerabilities.

With such a large number of vulnerabilities to mitigate, security teams struggle to scale without access to a vulnerability management solution.

These solutions are critical because security analysts must not only have the ability to identify vulnerabilities in the environment, but also the ability to manage and prioritize them.

The Vulnerability Management Market

As more and more organizations find it difficult to keep up with the growing list of vulnerabilities, vulnerability management solutions aim to provide an automated solution for identifying and prioritizing remediation of vulnerabilities in IT environments.

These solutions are gaining popularity to the extent that researchers expect the global security and vulnerability management market, valued at $13.8 billion in 2020, to reach $18.7 billion by 2026 as more organizations look to automated solutions to manage and prioritize vulnerabilities at scale.

One of the main providers in the market is Crowdstrike, which raised $1.45 billion in revenue last year and offers a vulnerability management platform called Falcon Spotlight.

Falcon Spotlight provides enterprises with continuous vulnerability assessments across their environment, giving them the ability to run real-time or historical scans and filter for CVE vulnerabilities.

Competitor like Rapid7 with InsightVM, a solution that enables security teams to scan existing vulnerabilities in endpoints, cloud and virtualized infrastructure, with a real-time dashboard view of discovered vulnerabilities and step-by-step remediation guidance.

Currently, Rapid7 continues to grow and reports annual recurring revenue of $432.9 million, up 28% year-over-year.

As a tool, InsightVM aims to differentiate itself from competitors by leveraging vulnerability reporting on host types, OS data, and vulnerabilities discovered, while CrowdStrike Falcon Spotlight places greater emphasis on endpoint protection, allowing users to automatically isolate high-risk endpoints.

VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Learn more about membership.

This post Microsoft releases patch for RCP vulnerability (why you need to act fast)

was original published at “https://venturebeat.com/2022/04/16/microsoft-releases-patch-for-rcp-vulnerability-why-you-need-to-act-quickly/”