A vulnerability dubbed “Zerologon,” first seen in Microsoft’s August Patch Tuesday security updates, is getting renewed attention due to additional context released by the security organization, Secura. CVE-2020-1472, is a critical CVSS10 vulnerability that allows a malicious threat actor on a corporate network to impersonate the identity of any network computer trying to authenticate against a domain controller, disable related Netlogon security features, and change password credentials on network domain controllers.
Microsoft is addressing the vulnerability in a two-stage process: the first was delivered in the August “Patch Tuesday” release which stages the capability to address the vulnerability; and, the second update is slated for Q1 2021 to toggle enforcement. This approach is to allow for non-Windows device implementations time to address the protocol changes.
Automox strongly encourages the prioritization of applying the August 2020 security update and also deploying the Domain Controller (DC) enforcement mode before the Q1 2021 update to ensure they have minimized the risk of this vulnerability until the complete patch is available.
Your Plan of Attack? Update and Patch Now!
The most effective way to keep Windows fully secure and up-to-date is to patch now and patch automatically. Automox and Microsoft are encouraging customers to prioritize and deploy this first phase of the Zerologon patch as soon as possible. Applying patches for your operating systems and third-party apps as soon as they become available is the best way to prevent an exploit.
About Automox Automated Patch Management
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.