IT-Security

Zerologon bug: Windows Server at HIGH RISK

Patches are part of everyday Windows life. Every month there are more or less critical gaps that need to be closed. Microsoft recently dropped a real bomb with the Zerologon bug. – All currently supported Windows servers and even Samba are vulnerable!

 

Zerologon? Zerologon!

Hackers can exploit the vulnerability (CVE-2020-1472) to connect to an Active Directory domain controller via the Netlogon protocol and gain all the privileges one can get. With these rights an attacker can then do …. ALL!  – Accordingly, it is only necessary to generate a script, which is prepared with ZERO in the “right” place. This works as a Netlogon message and in no time you are compromised. Rightly so, an even ten for the risk! The US government has set a four-day deadline for all government agencies to patch.

 

Watch out: Windows Server in danger!

 

 

 

 

 

 

 

 

So – dear Admins – act immediately!

This patch should be rolled out with absolute urgency.

 

Learn more:

https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

https://www.computerweekly.com/de/definition/CVSS-Common-Vulnerability-Scoring-System

Share post