Exploit for Netlogon Remote Protocol Vulnerability, CVE-2020-1472

Discussion in 'other security issues & news' started by ronjor, Sep 14, 2020.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    113,022
    Location:
    Texas
    Original release date: September 14, 2020
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    CERT/CC Releases Information on Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol
    September 17, 2020
    https://us-cert.cisa.gov/ncas/curre...-information-critical-vulnerability-microsoft
    A Proof of Concept Exploit for the “Windows Zerologon” Flaw is Out
     
    Last edited: Sep 20, 2020
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol
    September 18, 2020
    https://us-cert.cisa.gov/ncas/curre...mergency-directive-microsoft-windows-netlogon
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    ACSC
    Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
    September 22, 2020
    https://www.cyber.gov.au/acsc/view-...evation-privilege-vulnerability-cve-2020-1472
     
  5. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    113,022
    Location:
    Texas
    Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    Microsoft clarifies patch confusion for Windows Zerologon flaw
    September 29, 2020
    https://www.bleepingcomputer.com/ne...s-patch-confusion-for-windows-zerologon-flaw/
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    Ransomware gang now using critical Windows flaw in attacks
    October 9, 2020
    https://www.bleepingcomputer.com/ne...g-now-using-critical-windows-flaw-in-attacks/
     
  8. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,278
    Location:
    Slovenia
    Election Systems Under Attack via Microsoft Zerologon Exploits
    https://threatpost.com/election-systems-attack-microsoft-zerologon/
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    Microsoft Warns of Continued Exploitation of CVE-2020-1472
    October 29, 2020
    https://us-cert.cisa.gov/ncas/curre...ft-warns-continued-exploitation-cve-2020-1472
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    Microsoft Defender for Identity now detects Zerologon attacks
    November 30, 2020
    https://www.bleepingcomputer.com/ne...r-for-identity-now-detects-zerologon-attacks/
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,193
    Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’
    Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.
    January 15, 2021

    https://threatpost.com/microsoft-implements-windows-zerologon-flaw-enforcement-mode/163104/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.