SecurityWeek

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

The PhantomRPC Windows vulnerability allows attackers to elevate their privileges to System by using a fake RPC server.
Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...

‘Unlimited Attack Vectors’—All Windows Versions At Risk From New Flaw

Security researchers have uncovered an unpatched Windows security bug with effectively unlimited potential attack ...
Network World

More about the Windows RPC vulnerability

On the heels of last week’s newsletter about the new Remote Procedure Call (RPC) vulnerability found in most 32-bit Windows operating systems (see links below), NetPro CTO Gil Kirkpatrick reminded me ...
CSOonline

‘Win-DDoS’: Researchers unveil botnet technique exploiting Windows domain controllers

SafeBreach researchers demonstrate how attackers can crash Windows domain controllers and build a botnet using unauthenticated RPC and LDAP vulnerabilities. At DEF CON 33, security researchers ...
Bleeping Computer

July Windows Server updates break Remote Desktop connections

Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote ...