The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to all government agencies over a maximum severity vulnerability in Windows servers.
Cybersecurity firm Secura is said to be responsible for identifying the critical vulnerability - called Zerologon - found in Windows servers running Windows Server 2008 R2 and newer, including versions of Server running on Windows 10.
It takes approximately three seconds to exploit the vulnerability, researchers are claiming, and successful attackers could wreak havoc on the target network.
The flaw resides in the Netlogon Remote Protocol, and allows malicious actors to “completely compromise” Active Directory services.
Although the CISA warning was aimed at government institutions, Engadget notes that private companies also depend on Windows servers and Active Directory and are therefore also at risk of attack.
Organizations that fear their infrastructure could be affected by the flaw are advised, as per the CISA release, to "apply August 2020 security update (CVE-2020-1472) for Microsoft’s Windows Servers to all domain controllers."