Microsoft warns that hackers are exploiting the Zerologon vulnerability. This is one of the serious vulnerabilities of the year, as it receives the maximum score from the Common Vulnerability Scoring System.
Door Zerologon it is possible to access the Active Directory domain controller. Active Directory runs on Windows Server. System administrators use it to control access to a company’s resources. The domain controller authenticates and authorizes users and computers, making it an important security element for all devices within the network.
Zerologon makes it possible to abuse the Netlogon protocol. This allows hackers to log into Active Directory and gain administrative rights. In this way, the attacker gains access to all devices within the network at once.
Patches
The vulnerability is rated 10, which is the highest for a bug. Microsoft therefore released a patch in August. To prevent Zerologon from being exploited, Windows Server users must install the August 2020 patch. Not every user has done that.
Microsoft recommends Twitter to update after all and warns that the vulnerability is being exploited. “Microsoft is monitoring the activities of attackers who exploit the CVE-2020-1472 Netlogon EoP vulnerability called Zerologon,” the tech giant said. The company now finds Zerologon ‘in the wild’.
Administrators can use threat & vulnerability management data to view network patch status. This feature is available to Office 365 subscribers.
.
–