Vulnerability in Windows RPC protocol: Spoofing and impersonation attacks reported

SafeBreach experts have disclosed details of a vulnerability in the Windows Remote Procedure Call (RPC) protocol, patched by Microsoft in the July 2025 update. The flaw, CVE-2025-49760, allowed an attacker to conduct spoofing attacks and impersonate a legitimate server using the Windows storage mechanism. Ron Ben Yizak discussed the discovery at the DEF CON 33 conference.

Read more.