Zerologon bug: Windows Server at HIGH RISK
Patches are part of everyday Windows life. Every month there are more or less critical gaps that need to be closed. Microsoft recently dropped a real bomb with the Zerologon bug. – All currently supported Windows servers and even Samba are vulnerable!
Hackers can exploit the vulnerability (CVE-2020-1472) to connect to an Active Directory domain controller via the Netlogon protocol and gain all the privileges one can get. With these rights an attacker can then do …. ALL! – Accordingly, it is only necessary to generate a script, which is prepared with ZERO in the “right” place. This works as a Netlogon message and in no time you are compromised. Rightly so, an even ten for the risk! The US government has set a four-day deadline for all government agencies to patch.
So – dear Admins – act immediately!
This patch should be rolled out with absolute urgency.