- Homeland Security issued an emergency alert on Friday for a severe Windows vulnerability called Zerologon that would allow hackers to gain access to any computer on a network within minutes.
- The Cybersecurity and Infrastructure Security Agency (CISA) strongly advises all governmental agencies to upgrade their systems, urging Windows users in the private sector and the general public to do the same.
- Microsoft issued a patch in August for the issue but will follow up with another fix in the coming months.
Security researchers have identified a severe security issue affecting Windows that would allow attackers to take over computers and use them for nefarious purposes in “about three seconds in practice.” The vulnerability is so severe that Homeland Security issued a rare emergency alert on Friday, advising everyone to “go get patching,” including governmental agencies, state and local governments, the private sector, and the general public.
First detailed by Secura (via TechCrunch), the vulnerability is called Zerologon (CVE-2020-1472) and carries the maximum severity rating (10.0). The security issue allows attackers to control any or all computers on a vulnerable network, including the domain controllers, the servers that handle the security of the network.
Unlike other attacks, Zerologon doesn’t require the attackers to steal credentials related to a network to gain access to other computers on the network. Hackers would only need to forge an authentication token for a specific Netlogon functionality. After that, they would set the computer password of the Domain Controller to whatever they wanted. This would then give them access to the credentials of a domain admin — from Secura:
“The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol, which among other things can be used to update computer passwords. This flaw allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.”
Access to a network would then give the attackers unchecked control over other computers. Hackers would install other malicious programs, including malware or ransomware, and steal sensitive internal files.
Microsoft issued a patch in August to prevent exploitation, but that’s not a permanent fix. A second patch will roll out early next year to resolve the issue fully. The CISA warning makes it clear the issue is quite severe:
“Left unpatched, this vulnerability could allow attackers to compromise network identity services. We have directed agencies to implement the patch across their infrastructure by Monday, September 21, and given instructions for which of their many systems to prioritize.”
CISA already “assumes active exploitation of this vulnerability is occurring in the wild.”
Separately, the Senate is considering a bill requiring tech companies to build backdoors into their encrypted products and devices. Once hackers discovered it, a backdoor would work a lot like this newfound Windows hack: attackers would attempt to gain access to tools and abuse the security issue. That’s not to say the Zerologon security issue is a backdoor, but its severity makes it a good point of comparison with one.