The Zerologon vulnerability, was reported to the media on 9/18/20. It is rated the maximum 10.0 in severity, could allow an attacker to take control of any or all computers on a vulnerable network, including domain controllers, the servers that manage a network’s security. The bug was appropriately called “Zerologon,” because an attacker doesn’t need to steal or use any network passwords to gain access to the domain controllers, only gain a foothold on the network, such as by exploiting a vulnerable device connected to the network.
The Netlogon EoP vulnerability (CVE-2020-1472) is concerning not just because of its severity, but because of the fact that it can be exploited in a matter of seconds. The security issue affects Windows Server 2008 and above, and enables an attacker to gain admin control of a domain.
With complete access to a network, an attacker could deploy malware, ransomware, or steal sensitive internal files.
We have great news for those of you that are on a Managed Services contract level of Proactive. Our proactive customers would have received the patch to this vulnerability before the end of August. (3 weeks before it was reported to the media)
If you are not a Managed Services client, or are not sure, please inquire by calling us at 610-415-0539. We can get you patched and then talk about getting you setup on a Managed Services contract to be sure that you are keeping your organization safe from future hacks.