Patch Now: Zerologon Vulnerability Being Weaponized
Microsoft has patched the Zerologon vulnerability, an extremely dangerous bug that allows attackers to take over enterprise networks.
Zerologon Vulnerability Lets Attackers Hijack Windows Domain Controller
CVE-2020-1472 was originally released on August 11 and relates to an elevation-of-privilege bug in the Netlogon Remote Protocol.
We were told this would come as a two-part solution. The first patch was made available in the August Patch Tuesday to address the server-side fix, and a further fix would be released in Q1 of 2021. However, we have discovered that the vulnerability has already been weaponized in a lab, which means the severity of this vulnerability should not be taken for granted.
Why Patching Zerologon is Critical
Several elements of Zerologon make it such a high priority. It has been independently ranked with a CVSS score of 10.0, which is the highest possible rating, and no countermeasures are available, which means deployment of the patch is essential to alleviate the risk.
Along with the US-CERT partner Cybersecurity & Infrastructure Security Agency, we are recommending this be treated as a zero-day vulnerability.
How to Patch the Zerologon Vulnerability
We recommend deploying this update as soon as possible. Customers of Tuearis' Threat and Vulnerability Management Programs (which include patching) and Managed Endpoint Defense are already being secured.
Tuearis Cyber can easily deploy updates across your environment for Windows, Linux, and Mac devices. We can help you stay up-to-date and keep your environment secure with a simple and powerful solution.
With Tuearis you can REST SECURED.