Security Expert Re: Microsoft Warns Again About Critical Zerologon Vulnerability

Microsoft issued yet another warning that threat actors are continuing to actively exploit systems unpatched against the ZeroLogon privilege escalation vulnerability in the Netlogon Remote Protocol (MS-NRPC). On Windows Server devices where the vulnerability was not patched, attackers can spoof a domain controller account to steal domain credentials and take over the entire domain following successful exploitation.

Experts Comments

November 02, 2020
Adam Laub
CMO
STEALTHbits Technologies
The continued exploitation of a vulnerability allowing attackers easy and unfettered access to the whole of an organization’s digital resources should come as no surprise. Threat actors will attempt to discover and exploit this vulnerability for as long as it continues to work. However, while sustained vulnerability doesn’t necessarily mean negligence on behalf of organizations that have fallen victim, the most likely excuse as to why they have fallen victim is because they have failed to.....Read More
The continued exploitation of a vulnerability allowing attackers easy and unfettered access to the whole of an organization’s digital resources should come as no surprise. Threat actors will attempt to discover and exploit this vulnerability for as long as it continues to work. However, while sustained vulnerability doesn’t necessarily mean negligence on behalf of organizations that have fallen victim, the most likely excuse as to why they have fallen victim is because they have failed to patch. Because non-Windows or homegrown applications and resources may not be able to leverage secure connections via Netlogon at this time, it has undoubtedly forced some organizations to weigh the risks between the possibility of compromise and the certainty of service downtime. For businesses stuck in this purgatorial state, understanding what is connecting insecurely and taking measures to update these resources via whatever means necessary is the best path forward towards mitigating the risk of this vulnerability both now and in the future.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.