Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Proof-of-concept exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies' Active Directory domain controllers.
"This attack has a huge impact: It basically allows any attacker on the local network to completely compromise the Windows domain," said researchers with Secura, in a Friday whitepaper.
In a real-world attack, attackers could send a number of Netlogon messages in which various fields are filled with zeroes, allowing them to bypass authentication measures and to access and change the computer password of the domain controller that is stored in the Active Directory, researchers said.
Of note, in order to exploit this vulnerability, the attacker would need to launch the attack from a machine on the same local-area network as their target - meaning they would already need a foothold inside the targeted network.
If attackers are able to exploit the flaw, they can impersonate the identity of any machine on a network when attempting to authenticate to the Domain Controller - enabling further attacks, including the complete takeover of a Windows domain, researchers said.
News URL
https://threatpost.com/windows-exploit-microsoft-zerologon-flaw/159254/