Exploit Code Prompts CISA Alert to Microsoft Netlogon Vulnerability

HealthITSecurity.com

Jessica Davis

A recent public exploit for an elevation of privilege vulnerability found in Microsoft’s Netlogon will make unpatched systems a prime target for cybercriminals, according to a recent Department of Homeland Security Cybersecurity and Infrastructure Security alert.

A secondary notice from CERT Coordination Center noted:

“An unauthenticated attacker with network access to a domain controller can impersonate any domain-joined computer, including a domain controller. Among other actions, the attacker can set an empty password for the domain controller's Active Directory computer account, causing a denial of service, and potentially allowing the attacker to gain domain administrator privileges.”

The compromise of Active Directory infrastructure is likely...

Get the Morning Update

Thanks for subscribing!