Zerologon bug: Windows Server at HIGH RISK

Patches are part of everyday Windows life. Every month there are more or less critical IT security gap that need to be closed. Microsoft recently dropped a real bomb with the Zerologon bug. – All currently supported Windows servers and even Samba are vulnerable!

Zerologon? Zerologon!

Hackers can exploit the vulnerability (CVE-2020-1472) to connect to an Active Directory domain controller via the Netlogon protocol and gain all the privileges one can get. With these rights an attacker can then do …. ALL!  – Accordingly, it is only necessary to generate a script, which is prepared with ZERO in the “right” place. This works as a Netlogon message and in no time you are compromised. Rightly so, an even ten for the risk! The US government has set a four-day deadline for all government agencies to patch.

Watch out: Windows Server in danger!

So – dear Admins – act immediately!

This patch should be rolled out with absolute urgency.

Learn more:

https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

https://www.computerweekly.com/de/definition/CVSS-Common-Vulnerability-Scoring-System