Patch this critical software flaw now, says Homeland Security in emergency warning
The Department of Homeland Security has given system administrators until today to patch a critical vulnerability in Windows Server that could allow an attacker to hijack federal networks, via a flaw in the Netlogon authentication system.
On 18 September, the DHS's cybersecurity division issued an emergency directive giving government agencies a four-day deadline to patch the CVE-2020-1472 vulnerability, also known as Zerologon, citing the "unacceptable risk" it posed to federal networks.
The vulnerability, which lies in the Microsoft Windows Netlogon Remote Protocol, enables an unauthorized user to assume control of a network simply by sending a series of Netlogon messages with input fields filled with zeros.
In an emergency directive assigned 20-04, DHS CISA said: "CISA has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action."
Under US law, the Secretary of Homeland Security is authorized to "issue an emergency directive to the head of an agency to take any lawful action with respect to the operation of the information system for the purpose of protecting the information system from, or mitigating, an information security threat."
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1472 | Use of Insufficiently Random Values vulnerability in multiple products. An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). | 5.5 |