Security News > 2020 > September > Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw
Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network.
"We have observed attacks where public exploits have been incorporated into attacker playbooks," Microsoft said.
A domain controller is a server that responds to security authentication requests in a Windows environment, and a compromised domain controller can give attackers the keys to the kingdom inside a corporate network.
"Given the flaw is easily exploitable and would allow an attacker to completely take over a Windows domain, it should come as no surprise that we're seeing attacks in the wild," Caveza said.
"Administrators should prioritize patching this flaw as soon as possible. Based on the rapid speed of exploitation already, we anticipate this flaw will be a popular choice amongst attackers and integrated into malicious campaigns."
News URL
https://krebsonsecurity.com/2020/09/microsoft-attackers-exploiting-zerologon-windows-flaw/
Related news
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft removes Assassin’s Creed Windows 11 upgrade blocks (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
- Microsoft: January Windows security updates break audio playback (source)