Person on computer typing. Graphic of connecting locks is overlaying the image.

Blog

Critical Info — Zerologon Vulnerability Requires Immediate Security Patch Updates

September 16, 2020 Technology

A recently discovered threat targeting Windows Servers, called Zerologon, allows any device connected to a network to obtain domain admin rights with no authentication required. The flaw presents a specially crafted network command to the environment servers, bypassing user login information. The attacker will have the ability to take control of the Domain Controller and obtain domain administrator permissions (highest level security rights).

Once the attacker has obtained domain administrator permissions they can do anything they want in the environment. This vulnerability has already been weaponized into a script that any attacker can easily run once in a client environment, which makes this threat very serious.

Microsoft has released a patch for Domain Controllers to eliminate the vulnerability and it has been applied to all YeoCare clients. YYTECH strongly encourages all clients to apply this patch as soon as possible. Please contact your YYTECH representative if you have any questions about how to apply the patch.

Contact YYTECH if you have any security questions regarding Zerologon.

Critical Info — Zerologon Vulnerability Requires Immediate Security Patch Updates

Want To Learn More?

Related Posts

Want To Learn More?

Related Posts

AI and Deepfake Scams Top IT Leaders’ List of Most Frequent Attacks

Before You Ditch Your Sluggish PCs… Do This

Rethinking Ransomware Payments: A Fool’s Choice

Can a Cloud-Based Communication System Save You Money?

10 Ways Cloud Computing Can Benefit Manufacturers

User Access Management Best Practices for Effective Control and Compliance