How to fix an MSRPC exploit

A vulnerability in Microsoft’s Windows 10 security update could allow remote attackers to execute arbitrary code in the context of the logged-on user, according to researchers from Trend Micro.

Microsoft Security Bulletin MS15-011 – Windows 10 Security Update, November 8, 2020 “When an attacker logs on to a computer, or to a remote server, and runs a malicious code, the security update for that malicious code might trigger an exploit of a security vulnerability,” researchers from Kaspersky Lab said in a blog post.

“The vulnerability can be triggered by remote code execution, man-in-the-middle attacks, or a denial of service (DoS) attack.”

The vulnerability, CVE-202077, affects the Microsoft Security Bulletin, KB00195575.

The CVE-201988 exploit for this vulnerability was reported in August and patched in November.

“The vulnerability may allow remote users to execute code on the target machine even if it is not logged on as a user, because the malicious code has administrator privileges,” the researchers wrote.

Affected Windows 10 versions: Windows 10 Professional x64 Edition, Windows 10 Enterprise x64 edition, Windows Server 2016 x64 Editions, Windows 7 Professional x86 Edition, and Windows Server 2008 R2 x64 editions, Windows Vista x64, Windows XP x64 versions.

Theffected software versions are listed below: