Security News > 2020 > September > Microsoft Says Hackers Actively Targeting Zerologon Vulnerability
Microsoft says it has observed threat actors actively targeting the Zerologon vulnerability affecting Windows Server.
Last week, the United States Department of Homeland Security issued an Emergency Directive requiring all federal agencies to apply the available patches for the Zerologon vulnerability within days.
Several exploits have been released for the flaw, and Microsoft revealed on Wednesday that it had already observed hackers leveraging some of these exploits to actively target vulnerable systems.
"Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. We have observed attacks where public exploits have been incorporated into attacker playbooks," the company said.
"We strongly recommend customers to immediately apply security updates for CVE-2020-1472. Microsoft 365 customers can use threat & vulnerability management data to see patching status," Microsoft said.
News URL
Related news
- Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)