
image credit: unsplash
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability for organizations that are struggling with timely patching.
Secura researchers – the very same ones who found and disclosed the flaw to Microsoft – have published additional technical details on Monday, and just a few hours later several PoC exploit/tools have been published on GitHub.