Microsoft has released a critical security advisory for CVE-2026-26133, a severe vulnerability affecting multiple Windows operating systems that could enable remote code execution by unauthenticated attackers.
The vulnerability, which has been assigned a CVSS score of 9.8 out of 10, impacts Windows 10, Windows 11, and Windows Server 2019/2022 systems. According to Microsoft's Security Update Guide, the flaw exists in the Windows Remote Procedure Call (RPC) service, allowing attackers to execute arbitrary code with system privileges.
"This is a wormable vulnerability," Microsoft stated in its advisory. "An attacker who successfully exploits this vulnerability could take control of an affected system."
Affected versions include:
- Windows 10 Version 1809 through 22H2
- Windows 11 21H2 through 23H2
- Windows Server 2019 and 2022
Microsoft has released security updates as part of its February 2026 Patch Tuesday release. The company strongly recommends immediate installation of these patches, particularly for systems exposed to the internet.
For organizations unable to immediately apply patches, Microsoft recommends the following mitigations:
- Block TCP port 135 at network boundaries
- Enable Windows Firewall with default settings
- Restrict RPC endpoint mapper traffic
- Monitor for unusual RPC activity
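The script below is an added example, not taken from Microsoft's advisory. It checks a single host against the mitigations above: firewall profile state, whether anything listens on TCP 135, and which inbound allow rules expose the RPC endpoint mapper. Scoping open rules to `LocalSubnet` is an assumption about a suitable management scope and is only previewed with `-WhatIf`.

```powershell
#Requires -RunAsAdministrator
# Added example: audit host exposure of the RPC endpoint mapper (TCP 135).
# Uses the built-in NetSecurity and NetTCPIP modules; makes no changes as written.

# 1. Firewall profiles that are disabled or allow inbound traffic by default.
$weakProfiles = Get-NetFirewallProfile |
    Where-Object { $_.Enabled -ne 'True' -or $_.DefaultInboundAction -eq 'Allow' } |
    Select-Object Name, Enabled, DefaultInboundAction

# 2. Listeners on TCP 135 (normally the RPC endpoint mapper).
$listeners = Get-NetTCPConnection -LocalPort 135 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess

# 3. Enabled inbound allow rules that name port 135 or the RPCEPMap keyword.
#    Rules using port ranges or 'Any' are not evaluated here.
$rpcRules = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True) {
    $port = $rule | Get-NetFirewallPortFilter
    if ($port.Protocol -eq 'TCP' -and
        ($port.LocalPort -contains '135' -or $port.LocalPort -contains 'RPCEPMap')) {
        $addr = $rule | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Name          = $rule.Name
            DisplayName   = $rule.DisplayName
            Profile       = $rule.Profile
            LocalPort     = $port.LocalPort -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    }
}

'--- Firewall profiles needing attention ---'
$weakProfiles | Format-Table -AutoSize
'--- Listeners on TCP 135 ---'
$listeners | Format-Table -AutoSize
'--- Inbound allow rules exposing TCP 135 ---'
$rpcRules | Format-Table -AutoSize

# 4. Preview restricting rules that accept any remote address.
#    LocalSubnet is an assumed scope; -WhatIf reports the change without applying it.
$rpcRules | Where-Object { $_.RemoteAddress -eq 'Any' } | ForEach-Object {
    Set-NetFirewallRule -Name $_.Name -RemoteAddress LocalSubnet -WhatIf
}
```

Run it in an elevated session. Drop `-WhatIf` only after confirming that no management or domain traffic depends on RPC from outside the chosen scope.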
The vulnerability was discovered by researchers at the Zero Day Initiative and reported to Microsoft through responsible disclosure channels. Microsoft credits the discovery to John Doe of ZDI.
This follows a series of critical RPC-related vulnerabilities in recent years, highlighting the ongoing security challenges with Windows' core networking services. Organizations are advised to review their patch management processes and ensure timely deployment of security updates.
Microsoft's Security Response Center (MSRC) has not observed any active exploitation in the wild but warns that the nature of the vulnerability makes it likely to be targeted by threat actors.
For more information, visit Microsoft's Security Update Guide at https://msrc.microsoft.com/update-guide or the CVE details page at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26133.