You know that Microsoft ZeroLogon bug you've been dragging your feet on? It's getting pwned in the wild now

2020-09-24 22:34

The rather concerning design flaw in Microsoft's netlogon protocol is being exploited in the wild by miscreants, the Windows giant's security team has warned.

Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon.

Microsoft emitted its fix for CVE-2020-1472 in the August Patch Tuesday bundle, and even back then experts were warning the flaw was a critical security risk and addressing it should be a high priority.

Microsoft said it has additional recommendations for those using the Microsoft 365 suite.

"Microsoft 365 customers can refer to the threat analytics report we published in Microsoft Defender Security Center," said the MICROS~1 team.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/24/microsoft_zerologon_in_wild/

#microsoft #CVE-2020-1472

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-17	CVE-2020-1472	An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). microsoft fedoraproject opensuse canonical synology samba debian oracle	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		382	52	1419	2922	176	4569