[conspire] [OT] Microsoft security: CVE-2020-1472 (10/10 patch it NOW if not already done so) Netlogon / Zerologon
Michael Paoli
Michael.Paoli at cal.berkeley.edu
Fri Sep 25 22:29:48 PDT 2020
Off-Topic (OT) Microsoft security: CVE-2020-1472 Netlogon / Zerologon
(10/10 patch it NOW if not already done so)
Yeah, ... it's one 'o those bad ones,
if you know someone unfortunate enough to be running ...
and they've not already patched it ... yeah, ASAP - if it's not
already too late ... exploits starting to show in the wild, etc.
If I'm reading correctly, allows unauthenticated remote compromise
of Administrator on Active Directory (AD) Domain Controllers (DCs).
Microsoft released patch/update 2020-08-11, but not everyone is
caught up yet.
https://cyber.dhs.gov/ed/20-04/
https://us-cert.cisa.gov/ncas/current-activity/2020/09/24/unpatched-domain-controllers-remain-vulnerable-netlogon
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
https://twitter.com/MsftSecIntel/status/1308941504707063808
https://www.reddit.com/r/sysadmin/comments/izsj1n/until_all_domain_controllers_are_updated_the/
https://www.darkreading.com/vulnerabilities---threats/6-things-to-know-about-the-microsoft-zerologon-flaw/d/d-id/1339017
etc.
More information about the conspire
mailing list