Patch this critical software flaw now, says Homeland Security in emergency warning
2020-09-21 12:04

The Department of Homeland Security has given system administrators until today to patch a critical vulnerability in Windows Server that could allow an attacker to hijack federal networks, via a flaw in the Netlogon authentication system.

On 18 September, the DHS's cybersecurity division issued an emergency directive giving government agencies a four-day deadline to patch the CVE-2020-1472 vulnerability, also known as Zerologon, citing the "unacceptable risk" it posed to federal networks.

The flaw lets an unauthenticated attacker take control of a network through a weakness in the Microsoft Windows Netlogon Remote Protocol, simply by sending a series of Netlogon messages whose input fields are filled with zeros.

In the emergency directive, designated 20-04, DHS CISA said: "CISA has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action."

Under US law, the Secretary of Homeland Security is authorized to "issue an emergency directive to the head of an agency to take any lawful action with respect to the operation of the information system for the purpose of protecting the information system from, or mitigating, an information security threat."


News URL

https://www.techrepublic.com/article/windows-server-patch-this-critical-flaw-now-says-homeland-security-in-emergency-warning/#ftag=RSS56d97e7

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                                       RISK
2020-08-17  CVE-2020-1472   Use of Insufficiently Random Values vulnerability in multiple products    5.5
            An elevation of privilege vulnerability exists when an attacker establishes a vulnerable
            Netlogon secure channel connection to a domain controller, using the Netlogon Remote
            Protocol (MS-NRPC).