Last updated: 04/16/2022, 16:00 AM EET
As part of April 2022 Patch Tuesday Microsoft released a fix to a critical vulnerability on Windows Remote Procedure Call Runtime (CVE-2022-26809). Information available on this Microsoft implementation vulnerability has been extremely limited and thus its applicability to M-Files cannot be either confirmed or excluded.
M-Files Security strongly urges all on-premise and self-hosting customers to review guidelines provided by Microsoft and to apply appropriate mitigation. M-Files shall patch the Cloud environments as soon as reasonably possible.
Our Security team is constantly monitoring and analyzing available information and shall keep you notified should we have additional details to share.
Related external links: