The flaw, tracked as CVE-2022-26809, can be exploited over the network with no user interaction, possibly using multiple protocols as a trigger. It’s the kind of vulnerability that gave life to major botnets in the past as some Windows processes use RPC to communicate with each other over networks.
