You can now find Cyber Kendra on Google News | Telegram

Zerologon Vulnerability Patch Force Deployment Commences February

With Zerologon, hackers can elevate privileges to a domain administrator and take control of the domain.


Microsoft has warned system administrators that pushing security updates that fix a vulnerability in Windows called Zerologon will begin next month.


Zerologon is a Critical Vulnerability ( CVE-2020-1472 ) with a maximum score of 10 on the CVSS Severity Scale. With its help, attackers can elevate privileges to a domain administrator and seize control of the domain.


A fix for the vulnerability was released as part of the August Patch Tuesday. The patch enables a secure connection using Remote Procedure Call (RPC). It also registers any incompatible devices in the environment so that system administrators can replace them before enforcing.


With the release of the next scheduled updates in February 2021, Microsoft will start automatically enabling secure connections using RPC for all devices on the network and will no longer register incompatible devices.


The company also presented an upgrade plan that includes the following procedures:

  • Updating domain controllers with updates released on August 11, 2020.
  • Identification of devices establishing a vulnerable connection by monitoring the event log.
  • Performing addressing of incompatible devices establishing vulnerable connections;
  • Enabling the forced fix mode for the Zerologon vulnerability.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.