Domain Controller Zerologon Patch
Researchers have released exploits for the windows zerologon cve 2020 1472 vulnerability that allow an attacker to take control of a windows domain.
Domain controller zerologon patch. Microsoft warns of incoming windows zerologon patch enforcement. Microsoft august 2020 patch tuesday fixes 2 zero days 120 flaws. The zerologon vulnerability allows an attacker with network access to a windows domain controller to quickly and reliably take complete control of the windows domain.
Zerologon lets anyone with a network toehold obtain domain controller password. As such it is a perfect vulnerability for any attacker and a nightmare for defenders. Zerologon is a critical 10 10 rated security flaw tracked as cve 2020 1472 which when successfully exploited enables attackers to elevate privileges to domain administrator and take control over.
It was discovered by tom tervoort a security researcher at secura and privately reported to microsoft which issued a patch for supported. Update your domain controllers with an update released august 11. As part of the august 2020.
The netlogon remote protocol also called ms nrpc is an rpc interface that is used exclusively by domain joined devices ms nrpc includes an authentication method and a method of establishing a netlogon secure channel. Cve 2020 1472 aka zerologon affects all supported windows server versions but the danger is highest for servers that function as active directory domain controllers in enterprise networks.