Sign In

Communications of the ACM

ACM TechNews

One of This Year's Most Severe Windows Bugs Is Now Under Active Exploit


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

Microsoft warns a high-impact vulnerability that allows hackers to instantly take control of Windows' Active Directory is being actively exploited by malicious hackers.

Credit: Ars Technica

Microsoft is warning that CVE-2020-1472, a high-impact vulnerability that allows hackers to instantly take control of Windows' Active Directory and was patched this year, is being actively exploited by malicious hackers.

Dubbed Zerologon, the vulnerability gives attackers with low-level privileges to a vulnerable network the ability to send a string of zeros in messages that use the Netlogon protocol to login to the Active Directory and almost instantly gain control.

It also may be possible to exploit Zerologon directly from the Internet with no previous access.

Said Microsoft representatives, "We have observed attacks where public exploits have been incorporated into attacker playbooks."

The U.S. Department of Homeland Security's cybersecurity arm last week gave agencies until Sept. 28 to apply the patch or remove domain controllers from the Internet.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account