myDRE is NOT vulnerable for CVE-2022-26809 - Serious Vulnerabilities in Microsoft Windows Workplaces and Servers
Situation
Last “patch Tuesday” Microsoft disclosed and fixed a large number of serious vulnerabilities in Microsoft Windows. One of these vulnerabilities is identified as CVE-2022-26809 with a CVSS score of 9.8 (scale 1-10). CVE-2022-26809 is a vulnerability in Windows RPC, an attacker could exploit the vulnerability to remotely execute arbitrary code on a system. Exploit code for this vulnerability is expected to be released in the near future. The vulnerability is potentially "wormable". This means that the malware exploiting the vulnerability can easily copy and run itself from the 1st system to the other, without requiring any user interaction.
More information about this vulnerability can be found at the NCSC (https://advisories.ncsc.nl/advisory?id=NCSC-2022-0250) and Microsoft (https://msrc.microsoft.com/update-guide/vulnerability /CVE-2022-26809).
Assessment
- For the vulnerability to be exploited, inbound access is required.
- myDRE VMs at best have outbound access
- The exploit is assessed with: Due to lack of connectivity for the exploit is assessed with:
- Impact = HIGH
- attackers can exploit a big port range over SMB instructions
- Severity = LOW
- Lack of connectivity with VMs from outside; inbound is blocked
- The above results in:
- Threat = LOW => Priority = LOW
Actions
- A Product Backlog Item with Priority low/medium to patch this vulnerability
Related Articles
myDRE is NOT vulnerable for Text4Shell (CVE-2022-42889)
TL;DR myDRE is NOT vulnerable for Text4Shell (CVE-2022-42889). The National Cyber Security Center (NCSC) has announced that a vulnerability with impact High/High (CVE-2022-42889) has been identified in Apache Commons Text v1.5-v1.9. It is being ...Vulnerability in Apache Log4j (CVE-2021-44228)
Background See: https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Impact on anDREa and all its services Production anDREa does not use Log4J or forks in production. Impact: NONE Actions: no action needed update: 2021/12/13 Workspaces that might have ...Windows VMs
Introduction Read below how you can connect to the VM from different Operating Systems (OS, e.g. Windows, MacOS, Linux). An Azure virtual machine (VM) gives you the flexibility of virtualization without having to buy and maintain the physical ...Blue Screen Microsoft
19 Jul 2024 Dear all, News has reached the whole world, that a Microsoft update can lead to the blue screen of death. More information can be found here: https://azure.status.microsoft/nl-nl/status. In regards to myDRE, Windows Virtual Machines that ...Setting Up cBioPortal in MyDRE
If you're using a clean Linux VM and want to install cBioPortal manually: 1. Create the VMs in one workspace Add one default Windows VM and start it. Add a standard Linux Ubuntu 22 VM and start it. 2. Whitelist Required URLs Whitelist the following ...