The Latest in IT Security

Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability

15
Jan
2021
Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability

image credit: pexels

Tracked as CVE-2020-1472 and addressed on August 2020 Patch Tuesday, the critical vulnerability was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused to compromise Active Directory domain controllers and gain admin access.

Exploitable by unauthenticated attackers able to run a specially crafted application on a device on the network, the vulnerability came into the spotlight in September, after the Department of Homeland Security (DHS) told federal agencies to immediately apply patches for it.

Attacks targeting the vulnerability were observed soon after, and Microsoft issued guidance on how organizations can secure systems affected by the bug. Attacks targeting Zerologon, however, continued.

Read More

Comments are closed.

Categories

SUNDAY, FEBRUARY 28, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments