Security researchers from Kaspersky have unveiled PhantomRPC, a critical unpatched architectural vulnerability in the Windows Remote Procedure Call (RPC) system that enables local privilege escalation to SYSTEM-level access. The flaw affects every version of Windows and currently has no official patch from Microsoft.
What Is PhantomRPC?
PhantomRPC is not a traditional memory corruption bug. Instead, it exploits a fundamental design weakness in the Windows RPC runtime library (rpcrt4.dll). When a highly privileged process attempts an RPC call to a server that is offline or disabled, the RPC runtime fails to verify whether the responding server is legitimate. This critical omission allows an attacker controlling a low-privileged process to deploy a malicious RPC server that impersonates a legitimate endpoint and intercepts those calls.
The research was presented by Kaspersky application security specialist Haidar Kabibo at Black Hat Asia 2026 on April 24, detailing five distinct exploitation paths — none of which have received a patch from Microsoft.
How the Attack Works
The core mechanism relies on the RpcImpersonateClient API. When a privileged client connects to the fake RPC server with a high impersonation level, the attacker’s server calls this API to assume the client’s security context — instantly escalating from a low-privileged service account to SYSTEM or Administrator.
The five exploitation scenarios identified by Kaspersky researchers are:
- gpupdate.exe coercion: Triggering `gpupdate /force` causes the Group Policy Client service (running as SYSTEM) to make an RPC call to TermService. If TermService is disabled, the attacker’s fake server intercepts the call, yielding SYSTEM-level access.
- Microsoft Edge startup: When `msedge.exe` launches, it triggers an RPC call to TermService. An attacker with a spoofed endpoint can escalate from Network Service to Administrator without any user interaction beyond opening a browser.
- WDI background service: The Diagnostic System Host (`WdiSystemHost`), running as SYSTEM, periodically polls TermService every 5–15 minutes. The attacker simply waits — no user action needed.
- ipconfig.exe and DHCP Client: Executing `ipconfig.exe` triggers an internal RPC call to the DHCP Client service. With DHCP disabled and a fake server in place, a Local Service attacker can escalate to Administrator.
- w32tm.exe and Windows Time: The Windows Time executable attempts to connect to a nonexistent named pipe `\PIPE\W32TIME`. An attacker can expose this endpoint without disabling the legitimate W32Time service, then impersonate any privileged user who runs the binary.
Microsoft’s Response: No Patch Planned
Kaspersky responsibly disclosed the vulnerability to the Microsoft Security Response Center (MSRC) on September 19, 2025. Microsoft responded 20 days later, classifying the issue as moderate severity on the grounds that exploitation requires SeImpersonatePrivilege — a privilege already held by default by Network Service and Local Service accounts. No CVE was assigned, and the case was closed without a scheduled fix.
Security experts widely disagree with Microsoft’s assessment. The fact that SeImpersonatePrivilege is commonly available to many services means the attack surface is broad, not narrow.
Recommended Mitigations
Until Microsoft issues a patch, defenders can take the following steps to reduce exposure:
- Enable ETW-based RPC monitoring to detect `RPC_S_SERVER_UNAVAILABLE` errors (Event ID 1) combined with high impersonation levels from privileged processes.
- Enable disabled services such as TermService where feasible, to eliminate the “unavailable server” condition that the attack depends on.
- Restrict use of `gpupdate /force` in automated or scripted contexts where possible.
- Monitor for unexpected named pipe creation and unusual RPC server registrations by low-privileged accounts.
- Apply least-privilege principles to reduce the number of accounts holding SeImpersonatePrivilege.
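The following PowerShell audit script is an added example, not code from Kaspersky or from the article. It checks a host for the preconditions the mitigations above target: RPC server services that are stopped or disabled (the "unavailable server" state), the `\PIPE\W32TIME` named pipe that the legitimate Windows Time service never creates, and the presence of the ETW provider used for RPC monitoring. It assumes the Windows service names `TermService`, `Dhcp` and `W32Time` and the ETW provider name `Microsoft-Windows-RPC`, none of which appear verbatim in the article.

```powershell
# PhantomRPC exposure audit (added example; not from the original write-up).
# Assumption: service names TermService (Remote Desktop Services), Dhcp (DHCP Client)
# and W32Time (Windows Time); ETW provider name Microsoft-Windows-RPC.

$rpcServers = @{
    'TermService' = 'target of gpupdate, msedge.exe and WdiSystemHost RPC calls'
    'Dhcp'        = 'target of ipconfig.exe RPC calls'
    'W32Time'     = 'service behind the w32tm.exe named-pipe endpoint'
}

function Test-RpcServerAvailability {
    # Returns the services that are stopped or disabled: the condition a spoofed
    # endpoint can step into. Running services are reported for completeness.
    $exposed = @()
    foreach ($name in $rpcServers.Keys) {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        if (-not $svc) { Write-Warning "$name is not installed on this host"; continue }
        $startMode = (Get-CimInstance Win32_Service -Filter "Name='$name'").StartMode
        if ($svc.Status -ne 'Running' -or $startMode -eq 'Disabled') {
            Write-Warning ("{0}: Status={1} StartMode={2} ({3})" -f $name, $svc.Status, $startMode, $rpcServers[$name])
            $exposed += $name
        } else {
            Write-Output ("{0}: Running ({1})" -f $name, $rpcServers[$name])
        }
    }
    return $exposed
}

function Test-W32TimePipe {
    # The real W32Time service does not create \PIPE\W32TIME, so any pipe with that
    # name was registered by something else and deserves investigation.
    $pipes = [System.IO.Directory]::GetFiles('\\.\pipe\') | ForEach-Object { Split-Path $_ -Leaf }
    $hit = $pipes | Where-Object { $_ -ieq 'W32TIME' }
    if ($hit) { Write-Warning 'Named pipe \PIPE\W32TIME exists; W32Time does not create it' }
    else      { Write-Output 'No \PIPE\W32TIME pipe present' }
    return [bool]$hit
}

function Get-RpcEtwProvider {
    # Confirms the RPC ETW provider is registered so RPC_S_SERVER_UNAVAILABLE
    # events can be collected; errors out if the provider is missing.
    Get-WinEvent -ListProvider 'Microsoft-Windows-RPC' -ErrorAction Stop |
        Select-Object Name, Id, @{ n = 'EventCount'; e = { $_.Events.Count } }
}

Test-RpcServerAvailability
Test-W32TimePipe
Get-RpcEtwProvider
```

Pipe creation is not attributable from a directory listing alone; pair the pipe check with Sysmon Event ID 17 (Pipe Created) or equivalent telemetry to see which process and account registered it.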
Broader Implications
PhantomRPC underscores a growing concern: architectural flaws in foundational OS components are often dismissed by vendors when they don’t fit classic vulnerability categories. Because the flaw is rooted in design rather than a single buggy function, patching it may require substantial changes to the RPC runtime — which may explain Microsoft’s reluctance. Security teams should treat this as an active threat and implement compensating controls immediately, as proof-of-concept code was publicly demonstrated at Black Hat Asia.