Kevin Perry forwarded me this emergency directive from CISA about the Netlogon Remote Protocol vulnerability. He says if you haven’t mitigated this vulnerability, you need to do it asap.
CISA Releases Emergency Directive on Microsoft Windows
Netlogon Remote Protocol 09/18/2020 09:48 PM EDT Original release date: September 18, 2020 The Cybersecurity and Infrastructure Security
Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical
vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote
Protocol. An unauthenticated attacker with network access to a domain
controller could exploit this vulnerability to compromise all Active
Directory identity services. Earlier this month, exploit code for this vulnerability was publicly released.
Given the nature of the exploit and documented adversary behavior, CISA
assumes active exploitation of this vulnerability is occurring in the wild. ED 20-04 applies to Executive Branch departments
and agencies; however, CISA strongly recommends state and local governments,
the private sector, and others patch this critical vulnerability as soon as
possible. Review the following resources for more information:
|
No comments:
Post a Comment